D2DO300: Open Source Malware!
Malware has shifted from phishing expeditions to open source packages, domains, and repositories. Ned and Kyler welcome Jenn Gile, co-founder of Open Source Malware, to discuss how malware is making its way into open source software. Together they break down NPM compromises, AI-driven infiltration, malicious agent skills, and more. Episode Links: Open Source Malware –... Read more »Project Think: building the next generation of AI agents on Cloudflare
Today, we're introducing Project Think: the next generation of the Agents SDK. Project Think is a set of new primitives for building long-running agents (durable execution, sub-agents, sandboxed code execution, persistent sessions) and an opinionated base class that wires them all together. Use the primitives to build exactly what you need, or use the base class to get started fast.
Something happened earlier this year that changed how we think about AI. Tools like Pi, OpenClaw, Claude Code, and Codex proved a simple but powerful idea: give an LLM the ability to read files, write code, execute it, and remember what it learned, and you get something that looks less like a developer tool and more like a general-purpose assistant.
These coding agents aren't just writing code anymore. People are using them to manage calendars, analyze datasets, negotiate purchases, file taxes, and automate entire business workflows. The pattern is always the same: the agent reads context, reasons about it, writes code to take action, observes the result, and iterates. Code is the universal medium of action.
Our team has been using these coding agents every day. And we kept running into the same walls:
They only run Continue reading
Introducing Agent Lee – a new interface to the Cloudflare stack
While there have been small improvements along the way, the interface of technical products has not really changed since the dawn of the Internet. It still remains: clicking five pages deep, cross-referencing logs across tabs, and hunting for hidden toggles.
AI gives us the opportunity to rethink all that. Instead of complexity spread over a sprawling graphical user interface: what if you could describe in plain language what you wanted to achieve?
This is the future — and we’re launching it today. We didn’t want to just put an agent in a dashboard. We wanted to create an entirely new way to interact with our entire platform. Any task, any surface, a single prompt.
Introducing Agent Lee.
Agent Lee is an in-dashboard AI assistant that understands your Cloudflare account.
It can help you with troubleshooting, which, today, is a manual grind. If your Worker starts returning 503s at 02:00 UTC, finding the root cause: be it an R2 bucket, a misconfigured route, or a hidden rate limit, you’re opening half a dozen tabs and hoping you recognize the pattern. Most developers don't have a teammate who knows the entire platform standing over their shoulder at 2 a.m. Agent Continue reading
BGP Labs: Graceful Degradation for Unsupported Devices
A few weeks ago, I described the changes in the online BGP labs that allow you to use most of the common network operating systems as “external” routers1. However, while we keep improving it, netlab still can’t configure all BGP features on all supported devices (PRs from Nokia and Mikrotik fans would be highly appreciated 😎), which means that it’s possible to configure your environment in a way where some of the more complex labs would simply fail to start.
The limited choice of devices for external routers was always well-documented (example), but if you insisted on using unsupported devices, the lab would fail to start with an error message, and you’d have to tweak the lab topology (example). Wouldn’t it be better to start the lab with a warning?
PP105: Cybercrime Has Gone Industrial: Insights from HPE Threat Labs (Sponsored)
Threat actors are behaving more like professional organizations in an effort to launch more effective and profitable attacks. We explore this and other themes from the latest Threat Labs report from HPE, our sponsor for today’s Packet Protector episode. We also look at how older vulnerabilities are still contributing to today’s exploits, why security organizations... Read more »HW075: Speedtest Certified
Speedtest Certified is a network connectivity verification program for properties and venues, allowing them to prove the performance of their Wi-Fi. Alan Blake of Ookla joins the show to break down what the certification actually measures, how assessments are performed, and what it means for network owners as well as Wi Fi professionals. This is... Read more »Four public live production flow analytics dashboards
The following publicly accessible dashboards show live data from operational networks, including: an AI/ML RoCEv2 fabric, a world-wide Kubernetes cluster, and an Internet Exchange Provider (IXP). Click on the [ LIVE DASHBOARD ] link under each screen capture to access the live dashboard.
[ LIVE DASHBOARD ]
San Diego Supercomputer Center Expanse Cluster AI/ML dashboard using ai-metrics application. See AI Metrics with Prometheus and Grafana for detailed, step-by-step, instructions for setting up monitoring and dashboard.
[ LIVE DASHBOARD ]
San Diego Supercomputer Center Expanse Cluster AI/ML traffic matrix using heatmap application. See Real-time visualization of AI / ML traffic matrix for an explanation of the chart with examples.
[ LIVE DASHBOARD ]
National Research Platform Nautilus Cluster GPU, CPU, and network resources in world-wide Kubernetes cluster using sunburst application. See Real-time Kubernetes cluster monitoring example for more details and step-by-step instructions for deploying monitoring.
[ LIVE DASHBOARD ]
San Francisco Metropolitan Internet Exchange overall traffic dashboard using ixp-metrics application. See Internet eXchange Provider (IXP) Metrics for detailed, step-by-step, instructions for setting up overall exchange traffic and per member peering traffic dashboards.
Live Dashboards maintains a current list publicly accessible dashboards. If you have dashboard to share, would like help learning Continue reading
What is Netlab and Why Network Engineers Should Care
Milan Zapletal, the author of the biggest netlab topology I’ve seen so far (full story), has published a nice introductory article explaining What is Netlab and Why Network Engineers Should Care.
Thank you, Milan! Much appreciated ;)
NB570: Project Glasswing’s FUD and Thunder; Au Revoir Windows, Bonjour Linux
Take a Network Break! We commence with a red alert on FastMCP, and then debate whether Anthropic’s Project Glasswing is a marketing stunt or a reasonable response to the growing ability of AI models to find and exploit software vulnerabilities. Iran targets US OT networks, startup Aria Networks unveils Ethernet switches purpose-built for AI factories,... Read more »Building a CLI for all of Cloudflare
Cloudflare has a vast API surface. We have over 100 products, and nearly 3,000 HTTP API operations.
Increasingly, agents are the primary customer of our APIs. Developers bring their coding agents to build and deploy applications, agents, and platforms to Cloudflare, configure their account, and query our APIs for analytics and logs.
We want to make every Cloudflare product available in all of the ways agents need. For example, we now make Cloudflare’s entire API available in a single Code Mode MCP server that uses less than 1,000 tokens. There’s a lot more surface area to cover, though: CLI commands. Workers Bindings — including APIs for local development and testing. SDKs across multiple languages. Our configuration file. Terraform. Developer docs. API docs and OpenAPI schemas. Agent Skills.
Today, many of our products aren’t available across every one of these interfaces. This is particularly true of our CLI — Wrangler. Many Cloudflare products have no CLI commands in Wrangler. And agents love CLIs.
So we’ve been rebuilding Wrangler CLI, to make it the CLI for all of Cloudflare. It provides commands for all Cloudflare products, and lets you configure them together using infrastructure-as-code.
Today we’re sharing an early version of Continue reading
Durable Objects in Dynamic Workers: Give each AI-generated app its own database
A few weeks ago, we announced Dynamic Workers, a new feature of the Workers platform which lets you load Worker code on-the-fly into a secure sandbox. The Dynamic Worker Loader API essentially provides direct access to the basic compute isolation primitive that Workers has been based on all along: isolates, not containers. Isolates are much lighter-weight than containers, and as such, can load 100x faster using 1/10 the memory. They are so efficient, they can be treated as "disposable": start one up to run a few lines of code, then throw it away. Like a secure version of eval().
Dynamic Workers have many uses. In the original announcement, we focused on how to use them to run AI-agent-generated code as an alternative to tool calls. In this use case, an AI agent performs actions at the request of a user by writing a few lines of code and executing them. The code is single-use, intended to perform one task one time, and is thrown away immediately after it executes.
But what if you want an AI to generate more persistent code? What if you want your AI to build a small application with a custom UI the user can Continue reading
Agents have their own computers with Sandboxes GA
When we launched Cloudflare Sandboxes last June, the premise was simple: AI agents need to develop and run code, and they need to do it somewhere safe.
If an agent is acting like a developer, this means cloning repositories, building code in many languages, running development servers, etc. To do these things effectively, they will often need a full computer (and if they don’t, they can reach for something lightweight!).
Many developers are stitching together solutions using VMs or existing container solutions, but there are lots of hard problems to solve:
Burstiness - With each session needing its own sandbox, you often need to spin up many sandboxes quickly, but you don’t want to pay for idle compute on standby.
Quick state restoration - Each session should start quickly and re-start quickly, resuming past state.
Security - Agents need to access services securely, but can’t be trusted with credentials.
Control - It needs to be simple to programmatically control sandbox lifecycle, execute commands, handle files, and more.
Ergonomics - You need to give a simple interface for both humans and agents to do common operations.
We’ve spent time solving these issues so you don’t have to. Since our initial Continue reading
Dynamic, identity-aware, and secure Sandbox auth
As AI Large Language Models and harnesses like OpenCode and Claude Code become increasingly capable, we see more users kicking off sandboxed agents in response to chat messages, Kanban updates, vibe coding UIs, terminal sessions, GitHub comments, and more.
The sandbox is an important step beyond simple containers, because it gives you a few things:
Security: Any untrusted end user (or a rogue LLM) can run in the sandbox and not compromise the host machine or other sandboxes running alongside it. This is traditionally (but not always) accomplished with a microVM.
Speed: An end user should be able to pick up a new sandbox quickly and restore the state from a previously used one quickly.
Control: The trusted platform needs to be able to take actions within the untrusted domain of the sandbox. This might mean mounting files in the sandbox, or controlling which requests access it, or executing specific commands.
Today, we’re excited to add another key component of control to our Sandboxes and all Containers: outbound Workers. These are programmatic egress proxies that allow users running sandboxes to easily connect to different services, add observability, and, importantly for agents, add flexible Continue reading
Ramla Baharuddin: Pahlawan Dayung Indonesia di SEA Games 2025
Daftar Pustaka
Prestasi Gemilang Ramla Baharuddin
Ramla Baharuddin adalah salah satu atlet dayung terbaik Indonesia yang menunjukkan prestasi luar biasa di SEA Games 2025. Bersama tim nasional, Ramla berhasil meraih medali emas pada nomor mixed kayak four 500m, membawa Indonesia ke puncak podium. Kemenangan ini menjadi bukti nyata dari kerja keras, disiplin, dan dedikasi tinggi yang dimiliki Ramla dan rekan-rekannya.
Selain itu, Ramla dikenal sebagai sosok yang inspiratif, selalu memberikan dukungan semangat kepada timnya. Banyak pengamat olahraga menilai bahwa kemampuan koordinasi dan strategi timnya menjadi faktor penting keberhasilan mereka. Tidak hanya fisik yang kuat, tetapi juga mental juara yang membuat Ramla Baharuddin menonjol dalam ajang internasional.
Perjalanan Karier dan Dedikasi
Sejak kecil, Ramla Baharuddin sudah menunjukkan bakat luar biasa dalam olahraga air. Ia mulai berlatih dayung secara intensif sejak usia dini, mengasah teknik, kecepatan, dan ketahanan tubuh. Berkat latihan disiplin dan komitmen tinggi, Ramla perlahan naik menjadi anggota tim nasional dayung Indonesia.
Selain latihan fisik, Ramla juga fokus pada strategi tim, belajar membaca arus air, dan menjaga sinkronisasi gerakan dengan rekan Continue reading
Lexus LBX: Mobil Compact Mewah dengan Performa Modern
Daftar Pustaka
Desain Eksterior yang Menawan
Lexus LBX menghadirkan desain eksterior yang modern dan sporty. Gril spindle yang khas Lexus tampak lebih agresif dibandingkan model sebelumnya. Selain itu, lampu LED tajam menambah kesan futuristik, sementara garis bodi yang dinamis memberikan aerodinamika optimal. Dengan ukuran compact, mobil ini mudah bermanuver di perkotaan. Bahkan, pengemudi akan merasa percaya diri saat melaju di jalan sempit.
Lebih lanjut, warna metalik dan aksen krom membuat tampilan mobil semakin premium. Di sisi lain, velg 18 inci menambah aura sporty, sementara atap hitam kontras memberi kesan elegan. Seiring tren SUV compact, LBX berhasil memadukan kenyamanan dan gaya dalam satu paket yang menarik.
Interior Lexus LBX: Nyaman dan Canggih
Masuk ke dalam, interior Lexus LBX menawarkan kombinasi kemewahan dan teknologi. Kursi berbahan kulit berkualitas tinggi membuat perjalanan lebih nyaman. Selain itu, dashboard digital 12,3 inci menghadirkan informasi dengan jelas dan mudah diakses. Pengemudi dapat memanfaatkan layar sentuh untuk navigasi, hiburan, dan kontrol mobil.
Selain itu, sistem audio premium menambah pengalaman berkendara. Lebih lanjut, ruang kabin yang lapang memungkinkan penumpang belakang duduk nyaman. Bahkan, bagasi Continue reading
netlab 26.04: EXOS, BGP Prefix Origination, More Static Routes
netlab release 26.04 is out. Here are the highlights:
- Extreme Networks EXOS is supported as a Vagrant box or containerlab node with OSPF, VLAN, and VRRP configuration (by Seb d’Argoeuves).
- The new bgp.advertise node attribute allows you to advertise networks in the IP routing table into BGP. It’s supported on most platforms.
- The bgp.originate attribute is now dual-stack and VRF-aware, allowing you to originate IPv4 and IPv6 prefixes into per-VRF BGP instances.
- New platforms with static route support: FortiOS (by Aleksey Popov), Nexus OS, Nokia SR OS, Nokia SR Linux. OpenBSD got discard static routes.
Juniper Port Checker – Validate Port Speed Mappings Before You Deploy
If you work with Juniper hardware and have never used the Juniper Port Checker, you are missing out on a really useful tool. It is part of the Juniper Pathfinder suite and it gives you a visual representation of the front panel of a device and lets you configure port speeds to validate that your...
The post Juniper Port Checker – Validate Port Speed Mappings Before You Deploy first appeared on Fryguy's Blog.New Network Tools Section
I have been meaning to put together some network tools for a while now, and I finally got around to it. I added a new Network Tools section to the site with eight tools that I find myself needing on a regular basis. They all run in the browser – nothing gets sent to a...
The post New Network Tools Section first appeared on Fryguy's Blog.