Firewall incidents often arrive wrapped as software failures. Today’s lead is narrower and more awkward: a credential set tied to Fortinet perimeter devices, reported at roughly 74,000 firewall and VPN URLs, where rotation and audit trails matter as much as firmware.
Elsewhere, governments and platforms are putting names on agent access, creative tools are learning to carry project state, and infrastructure bottlenecks are showing up in optics and runtimes.
Featured source: TechRadar , BleepingComputer , Hudson Rock . The data source and original compromise path were not public at publication.
Technology Briefs
Estonia Proposes Digital IDs for AI Agents
Estonia’s government said its Eesti.ai advisory board backed official AI ID codes for agents acting on behalf of people, companies, or organizations. The proposal frames agent access as a bounded identity problem: permissions, provenance, and audit records must survive beyond the chat window.
Filed from: The Register , Government of Estonia .
AI Access Becomes a G7 Procurement Risk
TechCrunch and Euronews reported concern among G7 officials that access to American AI models could be restricted abruptly. The procurement issue is continuity: model capability matters less when a vendor, regulator, or export order can remove access faster than an organization can replatform.
Filed from: TechCrunch , Euronews . The underlying U.S. export order was not public at publication.
Copilot Leans on Caching and Model Routing
GitHub described Copilot changes around prompt caching, deferred tool discovery, and Auto model selection. The mechanism is familiar from larger agent systems: keep repeated context cheap, expose tools only when needed, and route work according to task intent and model health.
Filed from: GitHub Blog , GitHub Docs .
Cloudflare Opens More Agent Runtime Machinery
Cloudflare said its Agents SDK is becoming a runtime layer for multiple harnesses and frameworks, starting with Flue. The pieces named in the release–Durable Objects, fibers, recovery hooks, sandboxed code execution, and virtual workspaces–move agent work closer to a supervised execution platform than a stateless API wrapper.
Filed from: Cloudflare Blog , Cloudflare Docs .
Coherent Expands Indium Phosphide Capacity in Texas
Coherent is expanding its Sherman, Texas, indium phosphide photonics facility with a CHIPS Program letter of intent, state and local support, and NVIDIA-linked demand. The plan doubles production space and targets a fourfold increase in wafer capacity for optical links used in AI infrastructure.
Filed from: The Register , Coherent , NIST .
Adobe Puts Firefly Assistants Into Creative Apps
Adobe added Firefly AI Assistant capabilities to Premiere, Illustrator, InDesign, and Frame.io. The tasks named by Adobe and TechCrunch–sorting footage, batch-renaming clips, marking interview questions, checking missing fonts, and reorganizing layers–put AI into project state and workflow cleanup rather than only image generation.
Filed from: TechCrunch , Adobe .
FreeBSD 15.1 Ships With Wireless and Cloud-Image Work
FreeBSD 15.1-RELEASE is available on the stable/15 branch. The project highlights LinuxKPI wireless driver updates based on Linux v7.0, packaged-base cloud images that include pkg(8), and automatic base-system package updates on first boot.
Filed from: The Register , FreeBSD announcement , FreeBSD release notes .
The firewall story is visually boring in the right way. A leaked password list, a perimeter box, a rotation queue, and a log review trail are still enough to decide whether an incident stays contained or becomes a long forensic excavation.
Community Signal
10,000 GitHub Repositories Distributing Trojan Malware
An independent researcher found over 10,000 GitHub repositories that distribute Trojan malware by cloning legitimate projects and adding a malicious zip link to the README. The repositories update every few hours, deleting the previous commit and pushing a new one with only a README change. The archives contain a loader executable that VirusTotal detects as a Trojan only when scanning the zip file, not the link. The researcher published a detection script and a full list of repositories. GitHub removed some after a two-month delay, but the scale suggests automated detection is insufficient.
Filed from: Orchid Files , Hacker News .
Persistent Agent Memory Layer on Elasticsearch with 0.89 Recall
Elastic published an architecture for a persistent, multi-tenant agent memory layer on Elasticsearch. It uses three indices (episodic, semantic, procedural) with hybrid retrieval (BM25 + dense vectors) fused via RRF and a cross-encoder reranker, achieving R@10 of 0.89 across 168 questions with zero cross-tenant leaks. The system handles supersession, time decay, and per-user document-level security. The full implementation is open-source on GitHub.
Filed from: Elastic Search Labs , Hacker News .
.gitignore Isn’t the Only Way to Ignore Files in Git
Git offers three levels of ignore files: the repository-level .gitignore (checked in), the per-repo exclude file at .git/info/exclude (not checked in), and the global ignore file at ~/.config/git/ignore (machine-wide). Use git check-ignore -v to determine which file is ignoring a given path. The global file is ideal for patterns like .DS_Store on macOS, while the exclude file handles personal workflow files without affecting the team’s .gitignore.
Filed from: Nelson Figueroa , Hacker News .
