Internet is not working properly again.
Just weeks after the Cloudflare outage that took down many of the web’s biggest websites, it’s back to experiencing technical glitches that are rippling across the internet. A variety of seemingly disconnected websites, from Canva to LinkedIn, were attacked.
The problems are yet another example of a concern that has plagued the Internet for years: that the Internet is too fragile. Any outage in web infrastructure providers shows that what appears to be a broad and flexible system is actually both centralized and fragile.
Companies like Cloudflare typically provide invisibility services that ensure websites can stay up even when an unexpected influx of visitors comes, whether through an onslaught of real people or attacking bots. Today’s web relies heavily on a limited number of companies—Google and Amazon, as well as Cloudflare—to provide this kind of technical support.
Few large web infrastructure companies of this type offer benefits such as economies of scale, which mean that even small websites can enjoy significant protection. But they also represent a significant weakness in the Internet.
Cloudflare itself appears to recognize these complaints when it sends out an update about the outage, after it was fixed on Friday. Dane Knecht, its chief technology officer, wrote: “Any outage to our systems is unacceptable and we know we’ve taken the internet down again.”
“This issue was not directly or indirectly caused by a cyberattack on Cloudflare’s systems or malicious activity of any kind,” Mr. Knecht wrote. Instead, he explained, it was the result of a poorly implemented update that was actually intended to fix another vulnerability.
In some ways, the nature of the outage may indicate that some concerns about the centralization and fragility of the web have now been addressed. Many of the most prominent sites that went down last time — from ChatGPT to X, formerly known as Twitter — were not aware of the latest problems, perhaps suggesting that lessons have definitely been learned.
Cloudflare itself has made changes to its systems in an effort to prevent such large-scale outages. The company said that in the wake of its latest update, it’s working to “make changes to prevent a widespread impact like these single updates” — but they’re still set to go live.
Additionally, Cloudflare’s transparency in the November and December outages means that people can find out exactly what went wrong if they want to. Many of the technologies that power the web today are built by companies that resist explaining what they’ve done, made possible by the fact that they have so much power that they don’t necessarily need to.
But even amid these comforting thoughts, experts warn that the dangers of the relatively centralized nature of today’s Internet are becoming more apparent.
“Cloudflare’s outage is another reminder of how dependent mainstream systems are on multiple cloud infrastructures around the world,” said Feng Li, vice president of research and innovation at Biz Business School.
“This latest episode, along with the AWS outage in October and the disruption it caused, should be another wake-up call for cloud providers to strengthen regional isolation, ensure that critical control planes can be safely shut down, and maintain communication transparency with users during such incidents. This last point is critical because trust in the provider often depends as much on the speed of clear, clear updates as it does itself.
“For too long, people have used cloud services as a single point of reliability instead of accepting shared responsibility. With such dire consequences globally, a multi-region or multi-cloud architecture must be implemented as a fail-safe. Incident response and customer communication plans must assume that a provider outage is a matter of when, not if.
Cloudflare will inevitably be the subject of user frustration and business disruption.
“This latest outage continues to raise the question of what happens when the collapse of digital infrastructure in one part of the world can have such significant global consequences? It’s a question that regulators, companies and researchers alike must grapple with.”
Experts warned that the problems are unlikely to stop. As such, those handling such critical situations must ensure that they are in a better position to respond to them.
Andrew Junet, technology partner at Simmons & Simmons, said: “2025 has been full of events related to cloud computing, whether environmental, geopolitical or technological. All of these repeatedly highlight the challenges and risks inherent in the current architecture of our global cloud environments.
Today’s outage is another reminder that understanding your technology infrastructure and dependencies, and mitigating or accepting areas of risk at “single points of failure,” is critical. As we head into 2026, there are few signs that the root causes of the issues that arose in 2025 are likely to change, so your technology and operational approaches must deliver the same results, or your business services will be unaffected. “Regulators who usually follow them.”
