Cloudflare's record quarter came with 1,100 layoffs
On Thursday, Cloudflare reported the highest-revenue quarter in its 16-year history. On the same earnings call, it announced the first mass layoff in its 16-year history. The stock dropped 24%. The CEO didn't try to hide the connection. He said it out loud.
Meanwhile, the AI-versus-AI security war that's been theoretical since last spring went operational this week. Google says it thwarted an AI-enabled mass exploitation event. OpenAI shipped a cyber-specialized variant of GPT-5.5 to vetted security teams. Anthropic's Mythos vulnerability discoveries are starting to flow downstream as CVEs.
Let's get into it.

Record quarterly revenue. First mass layoff in 16 years. Stock down 24%. Same earnings call.
โก The Big Story: Cloudflare's $640M Quarter (and 1,100 Jobs)
Last Thursday, Cloudflare reported Q1 2026 revenue of $639.8 million, up 34% year-over-year, the highest single quarter in the company's history. Then CEO Matthew Prince told analysts the company was cutting 20% of its workforce, about 1,100 people. Stock fell 24% after hours. It was the first mass layoff in Cloudflare's 16-year history.
Three details set this apart from the Meta and Microsoft cuts two weeks ago. First, Cloudflare isn't a hyperscaler swapping headcount for GPUs. It's a profitable infrastructure-and-security company that just had its best quarter. There's no margin pressure to point at. Second, the layoffs cut across every team and every geography except sales reps carrying revenue quotas. Engineering, marketing, finance, HR, and support all took proportional cuts. Third, Prince explicitly told the call this was about a new mix of roles, not cost reduction.
On the call, Prince said internal AI usage at Cloudflare grew 600% in the last three months. AI agents are now embedded in HR, marketing, finance, and engineering workflows. When analysts pushed him on the layoffs, his answer was the cleanest version of this argument I've heard from any CEO. Being fit doesn't mean you can't get fitter, he told them. The productivity gains from people directly talking to customers and writing code have been incredible. A lot of the support roles behind them are not going to be the roles that drive companies going forward.
Prince also told the call he expects Cloudflare's headcount in 2027 to be higher than at any point in 2026. They will keep hiring. Just not for the same roles.
My take: Three things to pull apart.
First, this is the substitution thesis from Issue #019 playing out in a single P&L in a single quarter. Meta and Microsoft are converting payroll into compute. Cloudflare is converting payroll into productivity. Different mechanisms, same direction. And in Cloudflare's case, the math is unusually clean because they had no financial reason to make the cut. The decision was structural, not defensive.
Second, watch what Prince said about who he isn't cutting: salespeople with revenue quotas. The roles that survive in this restructuring all have one thing in common, which is direct, measurable value creation. If you can be replaced by a workflow, you are at risk. If you can show up on the revenue line by name, you are not. Every IC trying to figure out where they sit on that spectrum just got a clearer answer.
Third, the 24% stock drop is the part most coverage missed. Wall Street did not reward the AI restructuring narrative. The market read the cut as a defensive move and punished it. That's an interesting tell. For two years, "we're using AI to do more with less" was a stock-pumping line. This week, a clean version of that argument cost shareholders $5 billion in market cap by Monday morning. Investors may be starting to ask whether the productivity gains will actually show up in the operating income line, or whether companies are just running on the same revenue with fewer humans and calling it growth.
๐ก๏ธ The Other Big Story: The AI Security War Goes Operational

Google says it stopped a "mass exploitation event" enabled by AI tooling. OpenAI shipped a cyber-only variant of GPT-5.5. The defenders just declared war back.
Three announcements landed inside 96 hours this week, and they only make sense together.
Monday, May 11. Google's Threat Intelligence team disclosed that it disrupted a criminal threat actor preparing what it called a "mass exploitation event" using AI vulnerability-discovery tools. Google described its own proactive counter-discovery as the reason the event didn't happen. The hacker group was not named. Google also explicitly stated that Gemini was not used in the attempt, suggesting open-source or competitor tooling.
Same week. OpenAI quietly began rolling out GPT-5.5-Cyber in limited preview to vetted security teams. It's a cybersecurity-specialized variant of the flagship model. The pitch is faster red-team workflows, better vulnerability triage, and automated patch suggestions. Access is restricted in roughly the same way Anthropic restricted Mythos.
Continuously. The first wave of CVEs from Anthropic's Project Glasswing began flowing through standard disclosure channels last week. ArmorCode's CTO called it a "vulnerability tsunami" in a post on Friday. Enterprise security teams running standard scanners are starting to see Mythos-discovered findings light up in their consoles, which means every org running affected operating systems, browsers, or open-source libraries now has new criticals to triage.
My take: For about a year, the AI cybersecurity story was a hypothesis. Attackers might use AI. Defenders might use AI. The asymmetry might favor one side or the other. As of this week, that hypothesis is operational on both sides simultaneously. Real attacks are being attempted with AI tooling. Real defenders are using frontier models to find vulnerabilities at machine speed. The escalation feedback loop just turned on.
The practical implication for most readers is the Glasswing tsunami. Per Anthropic's own data, fewer than 1% of vulnerabilities found by Mythos have been patched. That ratio cannot hold. Either the patching infrastructure dramatically scales up, or the unpatched backlog becomes the new attack surface for the next round of automated exploitation. The Five Eyes intelligence agencies (the US, UK, Canada, Australia, and New Zealand) jointly released agentic-AI security guidance this week, called "Careful Adoption of Agentic AI Services." Worth a read for anyone building or buying agentic infrastructure.
There's also a quiet structural point worth flagging. Anthropic's containment strategy (give Mythos to forty-ish defenders, withhold from the public) is showing its limits. LSE's media policy team published a piece this week arguing that capability of this kind has never stayed contained for long. Nuclear weapons took four years to spread from one country to two. Compute and code travel a lot faster than uranium.
๐ฏ Quick Hits
- Novo Nordisk signed a sweeping AI partnership with OpenAI covering drug discovery, clinical trials, manufacturing, supply chains, and commercial operations. Full deployment by end of 2026. CEO Mike Doustdar said the goal is to "supercharge" scientists, while also acknowledging the partnership will slow future hiring. Worth noting that Novo is fighting hard to regain market share from Eli Lilly in the obesity-drug race. AI is now part of that competitive equation, not adjacent to it. Read โ
- IBM's 2026 CEO study found 76% of organizations now have a Chief AI Officer, up from 26% last year. Among the more than 2,000 companies surveyed, 59% expect their CHRO's influence to grow as AI restructures work. A bit of survey-data caveats apply (these things always over-index on what's trendy), but the trajectory is hard to argue with. Read โ
- A federal court in California ruled that AI ad platforms can be considered "makers" of fraudulent statements under Rule 10b-5 securities law when the AI exercises "ultimate authority" over assembled ad content. The ruling creates new legal exposure for Meta, Alphabet, Snap, TikTok, and X Corp, all of which now have generative AI in their ad pipelines. First major precedent in the chain of "who's liable when the AI hallucinates a claim in an ad." Expect more.
- Critical CVSS 9.7 vulnerability disclosed in Cline Kanban, one of the most-used open-source AI coding agents. Any website a developer visits can silently exfiltrate workspace data, inject commands into the agent's terminal, or kill active sessions. The fix is in v0.1.60. If your dev team uses Cline, update today. Read โ
- Alibaba is integrating Qwen AI with Taobao to enable agentic shopping across 4 billion-plus products. Conversational search, virtual try-ons, 30-day price tracking, agent-initiated checkout. China's first true consumer-scale agentic commerce play. The US equivalent (Amazon's Rufus, or whatever OpenAI eventually ships with its commerce partners) is months behind. Read โ
๐ญ One Thing I'm Thinking About
Matthew Prince's "just because you are fit does not mean you cannot get fitter" line is going to age in a specific way, and I think it's worth saying out loud now.
It is, on its face, a reasonable thing for a CEO to say. Companies do need to evolve. Productivity tools do change which roles are valuable. The argument is internally consistent and has been used by every leader who has ever justified a restructuring.
But it papers over the part of the story that's actually new. For most of the last 40 years, productivity gains in tech meant a company could ship more product with the same team, or grow into adjacent markets. The model was additive. AI productivity gains are starting to look subtractive. Same revenue, smaller team. Same product, fewer humans. The fitness metaphor obscures that, because fitness implies growth. Cloudflare just had its biggest revenue quarter ever and used the win to cut 20% of its workforce. That isn't fitness. That's a different operating model entirely, and we don't have good language for it yet.
The companies figuring this out fastest are the ones being honest about it. Prince was direct. Meta's HR memo was direct. The Stanford AI Index data is direct. The harder question isn't whether this is happening. It's what kind of workforce we want to have on the other side of it, and who gets to make that call. So far, the answer is the CEOs do, one earnings call at a time.
๐ Local Angle: TechFest NC Is Happening Today and Tomorrow
If you're reading this Wednesday morning, TechFest North Carolina starts at 1pm today at the Durham Armory and Durham Convention Center. The opening keynote is Tony Kerrison, Head of Group Technology Infrastructure at Deutsche Bank. Right after that, an Accenture-sponsored executive conversation titled "Serving Securely: AI, Cyber Risk, and Public Trust" lands at 1:40pm. Given everything in this week's newsletter, that session may be the most relevant 35 minutes of programming in the Triangle this month.
Day two has a panel I'm specifically watching: "Apprenticeships, Early Careers, and AI-Ready Skills: How NC Is Building Its Next-Gen Tech Workforce," sponsored by Dell. With Cloudflare's layoffs and the Stanford AI Index data still fresh, I'm curious whether the panel actually engages with the substitution problem or treats it as adjacent. The Triangle's biggest workforce-development conversation should probably grapple with the question of whether the "next-gen tech workforce" being built has a job to go to.
Beyond TechFest, the Triangle continues its quiet run. Pryon's Series B is fully deployed. AbbVie's site prep in Durham started this month. Swarm landed three new enterprise pilots. The regional thesis I've been writing about (durable AI applications in regulated and applied industries) is showing up in real procurement budgets now, not just press releases. Which is the actual test.
๐ What's Coming
- May 13-14 โ TechFest North Carolina at the Durham Armory and Convention Center
- May 14 โ Air Street AI meetup, NYC; good signal-collection event if you're in the city
- May 20 โ Meta layoffs take effect
- Jun 8-12 โ Apple WWDC 2026 keynote; iOS 27 AI photo tools preview
- Aug 2 โ EU AI Act next phase takes effect, including penalties up to 3% of global revenue
If you're at TechFest today, enjoy it! See you next Wednesday otherwise.
Daniel
BullCity AI ยท Durham, NC
P.S. I'm working on a piece about how individual contributors are actually using AI to keep their jobs interesting (not safe, interesting). If you've quietly reshaped your own role this year so you'd actually want to keep doing it, hit reply and tell me how. No identifying details necessary. I want to feature the most useful examples in a future edition.
P.P.S. Anyone running Cline Kanban: update to 0.1.60 today before you do anything else. The vulnerability is bad enough that Oasis published the full technical writeup on Tuesday, which means proof-of-concept exploits are circulating by now.
