> During our attempts to remediate, we have disabled WARP [their VPN service] access in London. Users in London trying to access the Internet via WARP will see a failure to connect. Posted 4 minutes ago. Nov 18, 2025 - 13:04 UTC

Is Cloudflare being attacked...?

▲

fergie 8 hours ago | parent | next [-]

This line also gave me that vibe

▲

misswaterfairy 8 hours ago | parent | next [-]

> We have made changes that have allowed Cloudflare Access [their 'zero-trust network access solution'] and WARP to recover. Error levels for Access and WARP users have returned to pre-incident rates. > We have re-enabled WARP access in London.

> We are continuing to work towards restoring other services. > Posted 12 minutes ago. Nov 18, 2025 - 13:13 UTC

Now I'm really suspicious that they were attacked...

▲

philipwhiuk 8 hours ago | parent | prev [-]

I will bet it's routing misconfig.

	▲	0xbkt 8 hours ago \| parent [-]
		It always is.

▲

SallysField 8 hours ago | parent | prev | next [-]

[flagged]

▲

aberoham 8 hours ago | parent | prev [-]

Someone running cloudflared accidentally advertising a critical route into their Warp namespace and somehow disrupting routes for internal Cloudflare services doesn't seem too far fetched.

We vibe coded a tool to mass disconnect Cloudflare Warp for incident responders: https://github.com/aberoham/unwarp

To go along with the shenanigans around dealing with MITM traffic inspection https://github.com/aberoham/fuwarp