News
AI SHIFT:

Cloudflare Precursor Scores Browser Sessions As Bot Traffic Hits 57 Percent

Newsroom brief

Cloudflare made Precursor generally available to score visitor behaviour across full browser sessions rather than one arrival check. The public record still lacks pricing, customer adoption figures and customer false-positive rates for the session-scoring product.

Verified against source materialEdited by SendTech Times Cybersecurity Desk
Cloudflare Precursor Scores Browser Sessions As Bot Traffic Hits 57 Percent
Image source: SiliconANGLE

Cloudflare has made Precursor generally available, giving websites a browser-session bot detector at a time when the company puts automated traffic at roughly 57 percent of web requests, SiliconANGLE reported.

The system runs inside a visitor's browser and streams interaction signals back to Cloudflare's edge, where servers score the session in real time for evidence of automation.

Precursor is designed to replace one-time CAPTCHA-style checks with continuing behavioural scoring.

Precursor Tracks Full Browser Sessions

Precursor follows behaviour across an entire visit rather than testing a user only once on arrival.

A challenge page checks the visitor at the door, while later actions are normally assumed to be legitimate.

Cloudflare Chief Technology Officer Dane Knecht told SiliconANGLE that the company is looking at behaviour over the whole visit instead of only checking an ID at the gate.

The tool is meant to make it harder for automated systems to pass a single check and then continue browsing with a clean status.

Bot Traffic Reaches 57 Percent Of Requests

Cloudflare put bot traffic at roughly 57 percent of web requests, according to SiliconANGLE.

The company's argument, as reported by the outlet, is that automation now outweighs people online and that single-action tests are easier for bots to imitate.

Precursor continues scoring after the initial page load.

The system continues to accumulate session context when an automated agent tries to erase its behavioural signature by reloading a page under per-request challenges.

Browser Script Records Timing And Visibility Signals

Customers can turn on Precursor with one click and without code changes.

Cloudflare injects a small script into pages already passing through its network, then logs mouse movement, scrolling rhythm, typing cadence, clipboard activity and the length of time a page stays visible in the browser tab.

The analysis engine checks for contradictions inside those signals.

Examples included pointer activity while a page is hidden and typing events at a moment when no text field has focus.

Cloudflare said the script records aggregate patterns rather than the typed inputs themselves.

Keyboard activity is stored as rhythm and cadence, while the characters typed are not captured, according to the company.

AI Scraper Controls Sit Behind The Launch

The launch follows earlier Cloudflare bot and crawler products.

Last year, the company began blocking artificial intelligence scrapers by default for new customers and later built tools for publishers to set crawler access terms.

Knecht said login and checkout are already covered by Cloudflare protections billions of times each day, while the activity between those events had remained a black box.

Precursor is generally available now, but the public record still lacks pricing, customer adoption figures and false-positive rates for the session-scoring product.

Share this article
inXf

Related articles

More
Socket Tracks 108 Malicious Packages In PolinRider Supply-Chain Attack
Cybersecurity

Socket Tracks 108 Malicious Packages In PolinRider Supply-Chain Attack

Socket reported 162 malicious release artefacts across 108 packages in the PolinRider supply-chain campaign. Victim companies remain outside the public record.

Unit 42 Finds 13,229 Malicious URLs In AI Phantom-Domain Study
Cybersecurity

Unit 42 Finds 13,229 Malicious URLs In AI Phantom-Domain Study

Palo Alto Networks’ Unit 42 said its phantom-squatting research generated 685,339 prompts across 913 brands and produced 2.1 million unique URLs, including 13,229 malicious URLs and about 250,000 unique phantom domains. The public report did not disclose the brand list, affected customer names or named domains tied to data loss.

CISA Tightens GitHub Controls After May AWS Key Leak
Cybersecurity

CISA Tightens GitHub Controls After May AWS Key Leak

CISA said privileged AWS GovCloud keys from a contractor appeared in a public GitHub repository in May, prompting secret rotation, repository monitoring and new incident playbooks. Logs showed no customer or mission data exposure, while the contractor, repository, exposure window and exact AWS permissions remain outside the public account.

Kaspersky Flags AI And Password Risks For Malaysian Firms
Cybersecurity

Kaspersky Flags AI And Password Risks For Malaysian Firms

Kaspersky cited Malaysian AI use, weak passwords and hybrid work as workplace cybersecurity risks after recording higher 2025 spyware and backdoor detections. Named victim companies, incident costs and confirmed breaches tied to AI-themed lures remain outside the public record.

Union County Clues Point To $1 Million Kairos Data-Extortion Payment
Cybersecurity

Union County Clues Point To $1 Million Kairos Data-Extortion Payment

A Ransom-ISAC case study says Kairos took about $1 million after stealing files without encrypting systems. Clues point to Union County, Ohio, The public record does not confirm the link or prove the data was deleted.

IPA Translation Turns CISA Security Goals Into A Japan Infrastructure Baseline
Cybersecurity

IPA Translation Turns CISA Security Goals Into A Japan Infrastructure Baseline

Japan’s Information-technology Promotion Agency published a Japanese translation of CISA’s Cross-Sector Cybersecurity Performance Goals Version 2.0 for domestic critical infrastructure operators. The guidance covers IT and operational technology, maps goals to NIST CSF 2.0, and frames the controls as minimum practices rather than a full cybersecurity program. The practical question is whether asset owners use the worksheet to rank gaps by cost, complexity and impact, then review progress after 12 months.

Keep Reading

More Stories

Latest
Apple Complaint Alleges OpenAI Coached Staff Around Exit ChecksCapital & PolicyJul 14, 2026Apple Complaint Alleges OpenAI Coached Staff Around Exit ChecksApple’s 41-page trade-secret complaint alleges OpenAI coordinated recruitment of Apple employees and coached candidates around exit procedures, TechCrunch reported. OpenAI’s cited statement said it has no interest in other companies’ trade secrets, and the court record cited by the outlet does not include a ruling on Apple’s claims.Intel Lists Starfire Space AI Chip At 75 TOPS As Radiation Data Stays PendingChips & SemiconductorsJul 14, 2026Intel Lists Starfire Space AI Chip At 75 TOPS As Radiation Data Stays PendingTom's Hardware reported that Intel has listed Starfire, a space-grade system-on-chip for the U.S. government, with up to 75 TOPS and Intel 18A CPU and NPU tiles. The sell sheet says samples are planned for Q3 2026, while radiation qualification data and final specifications remain pending.PixVerse Raises $439 Million As Video AI Valuation Tops $2 BillionAIJul 14, 2026PixVerse Raises $439 Million As Video AI Valuation Tops $2 BillionSingapore-based PixVerse has raised $439 million across a Series C extension and earlier funding, pushing its valuation above $2 billion, according to TechCrunch. The video-generation startup lists more than 150 million registered users and 15 million monthly active users, while paying-user totals, enterprise revenue and independent benchmark results remain outside the public record.Intel Commits 5 Billion Euros To Irish Fab 34 ExpansionChips & SemiconductorsJul 14, 2026Intel Commits 5 Billion Euros To Irish Fab 34 ExpansionA 5 billion euro Leixlip investment puts Fab 34 back at the centre of Intel's European manufacturing plan for AI and high-performance computing processors. Most of the spending is due by the end of 2027, while a large external foundry customer for the Irish capacity remains unnamed, according to TNW.Nadella Warns Enterprises Pay Twice For Proprietary AI ModelsAIJul 14, 2026Nadella Warns Enterprises Pay Twice For Proprietary AI ModelsMicrosoft CEO Satya Nadella warned companies using proprietary AI models may pay with both tokens and internal knowledge, according to TechCrunch. Solo.io, Vercel and OpenRouter supplied evidence of interest in on-premise and open models, while customer-level cost savings and security outcomes remain undisclosed.BrainCo Uses AI Decoding In Non-Invasive BCI Push After $280 Million RoundAIJul 14, 2026BrainCo Uses AI Decoding In Non-Invasive BCI Push After $280 Million RoundThe Hangzhou BCI company raised 2 billion yuan, or $280 million, while building non-invasive brain-computer-interface devices that use AI decoding, according to Indian Express. Public records still lack current revenue, shipment volumes, clinical trial results, product pricing and independent validation of the AI decoding accuracy.Anthropic Adds India Rupee Pricing But Leaves UPI Out Of Claude PaymentsAIJul 14, 2026Anthropic Adds India Rupee Pricing But Leaves UPI Out Of Claude PaymentsTechCrunch said Anthropic has begun showing Claude prices in Indian rupees for some users, with India accounting for 5.8% of global Claude usage. The rollout covers local currency display but still relies on cards or app-store billing rather than UPI, while Mythos 5 access remains limited outside the U.S.Maybank Sees AI Demand Driving Singapore Semiconductor GrowthChips & SemiconductorsJul 13, 2026Maybank Sees AI Demand Driving Singapore Semiconductor GrowthMaybank Investment Bank said AI-related demand should remain the main growth driver for Singapore semiconductor companies, while warning that large AI infrastructure spending still needs stronger revenue proof.Xi Jinping To Open Shanghai AI Governance Summit For First TimeCapital & PolicyJul 13, 2026Xi Jinping To Open Shanghai AI Governance Summit For First TimeXi Jinping will keynote China’s 2026 World Artificial Intelligence Conference from 17 to 20 July alongside a global AI governance meeting, TNW reported. The preview does not name member countries, confirm a charter, or identify which delegations would support Beijing’s proposed AI cooperation body.Cloudflare Sets September 15 Permission Rules For AI Agent CrawlersCapital & PolicyJul 13, 2026Cloudflare Sets September 15 Permission Rules For AI Agent CrawlersCloudflare will block Agent and Training crawler traffic by default on ad-supported pages from September 15 for several customer groups, while Search remains allowed, according to AI News. Enforcement still depends on crawler behaviour labels.Railway Raises $100 Million As AI Coding Pushes Cloud Deployment ClaimsCloud & Data CentersJul 13, 2026Railway Raises $100 Million As AI Coding Pushes Cloud Deployment ClaimsRailway raised $100 million in a Series B round led by TQ Ventures, with the cloud startup citing more than 10 million deployments each month and two million developers, VentureBeat reported. Railway described sub-second deployment, customer cost-saving claims and its own data-centre buildout, but public detail did not include audited benchmarks, full enterprise contract values or customer-by-customer deployment scope.AICB Survey Says 44% Of Malaysian Banks Are Developing AI ReadinessFintech & Digital PaymentsJul 13, 2026AICB Survey Says 44% Of Malaysian Banks Are Developing AI ReadinessTechNode Global, citing source-owned material from AICB, reported that AICB’s Malaysian banks AI readiness survey put 44% of banks and development finance institutions in the developing stage of AI readiness. AICB said the survey drew on responses from 87 senior leaders, but the public source record did not name individual banks, provide production deployment counts, publish institution-level budgets or customer-impact metrics, or set out a timetable for closing the governance gaps.