Saturday, 18 April 2026

Trail of Bits forges a ZK proof to beat Google's quantum cryptanalysis, NIST abandons CVE enrichment for most vulnerabilities, and Cloudflare ships Agent Memory for persistent AI knowledge

Today's Lead

Trail of Bits Blog

Trail of Bits Forges a ZK Proof, Exposing Flaws in Google's Quantum Cryptanalysis Claim

Trail of Bits forged a zero-knowledge proof showing better performance metrics than Google's quantum cryptanalysis implementation. It did so by exploiting three distinct vulnerabilities in Google's Rust-based SP1 zkVM prover. The attacks leveraged undefined behavior in unsafe Rust blocks to bypass gate-counting mechanisms, exploited register aliasing to violate quantum reversibility requirements, and combined algorithmic optimizations from published literature to achieve 8.3 million operations versus Google's 17 million while eliminating 2.1–2.7 million Toffoli gates. The work reveals a fundamental risk with ZK proofs for scientific claims: cryptographic indistinguishability makes such claims unfalsifiable without implementation details, effectively redistributing trust from scientific experts to cryptography and programming experts. The incident underscores that ZK proofs cannot substitute for traditional scientific practices like coordinated disclosure and transparent methodology.

Also today

Risky Business

NIST Abandons Enrichment of Most CVEs, Fragmenting Vulnerability Data

NIST announced it will stop enriching the vast majority of CVEs starting April 15, 2026, focusing resources only on actively exploited vulnerabilities, federal agency flaws, and critical software such as operating systems, browsers, and VPNs. The decision stems from the explosion in CVE volume — over 48,000 published last year with tens of thousands in backlog — that the agency can no longer manage with current resources. The shift removes NIST's independent CVSS severity scoring, replacing it with vendor-assigned ratings that often understate risk. Without a centralized source of truth, organizations must now aggregate vulnerability data from multiple vendors while their tooling develops independent enrichment capabilities — a gap expected to widen as AI-powered vulnerability discovery continues to accelerate CVE publication rates.

Cloudflare Blog

Cloudflare Agent Memory: Persistent Knowledge Management for Long-Running AI Agents

Cloudflare launched Agent Memory, a managed persistence layer for AI agents that preserves searchable context as conversations grow over weeks or months. The system uses a multi-pipeline architecture combining Durable Objects for storage, Vectorize for semantic search, and Workers AI for intelligent memory extraction and classification — organizing interactions into facts, events, instructions, and tasks with deduplication and supersession chains. This solves a critical production problem where agents must balance context quality against window size limits: temporary conversation data is converted into persistent institutional knowledge that grows more valuable over time. Primary use cases span individual coding assistants, shared team memory for collaborative knowledge bases, and cross-function coordination where multiple autonomous agents share feedback and learned patterns.

Cloudflare Blog

Cloudflare Unweight: Lossless LLM Compression Cuts Model Size by 15–22%

Cloudflare introduced Unweight, a lossless compression technique that reduces LLM model weights by 15–22% without degrading output quality. The approach exploits a statistical property of BF16-formatted neural network weights: the top 16 exponents account for 99% of all values in typical layers, enabling selective Huffman coding of exponent bytes while leaving sign and mantissa data unchanged. A specialized GPU kernel decompresses data in fast shared memory during matrix multiplication, achieving approximately 3 GB of VRAM savings on models like Llama 3.1 8B — allowing Cloudflare to pack more models per GPU and reduce inference costs. The current trade-off is a 30–40% throughput overhead from the decompression step, which the team treats as worthwhile for production cost savings while continued optimization reduces the penalty.

California Dreamin'

iTerm2 SSH Integration Flaw Enables Code Execution via cat readme.txt

Researchers discovered a critical vulnerability in iTerm2 that enables arbitrary code execution through a simple cat readme.txt command by exploiting the terminal's SSH integration protocol. The attack uses specially crafted terminal escape sequences (DCS 2000p and OSC 135) to impersonate legitimate SSH conductor sessions, tricking iTerm2 into executing attacker-controlled code without requiring real remote infrastructure. The vulnerability is significant because it exposes how terminal escape sequence handling creates unexpected attack surfaces — file output that appears harmless to users becomes a code execution vector through protocol state manipulation. Apple shipped a fix on March 31, 2026, though it had not yet reached the stable release channel at publication time.

Hacker News

smolvm: Hardware-Isolated Virtual Machines with Container-Like Coldstart

smolvm is a CLI tool that creates portable, isolated virtual machines with minimal resource overhead by leveraging hardware-level isolation via Hypervisor.framework on macOS and KVM on Linux. It achieves sub-200ms boot times with elastic memory management while providing genuine hardware security boundaries — making it suitable for sandboxing untrusted code with networking disabled by default and SSH agent forwarding supported. The project uses OCI container image standards, allowing developers to pull from Docker Hub and other registries without a Docker daemon, and packages workloads into portable .smolmachine artifacts for cross-platform deployment. The project bridges the security guarantees of traditional VMs with the convenience and performance characteristics of containers, targeting secure supply chain execution and isolated workloads at scale.

LeadDev

Snap Cuts 1,000 Jobs Citing AI Efficiency, Analysts Point to Investor Pressure

Snap is eliminating 1,000 positions and closing 300 open roles to save $500 million annually, with CEO Evan Spiegel citing AI's growing capabilities as enabling the workforce reduction. Analysts are skeptical of the AI-as-primary-driver narrative, noting that activist investor Irenic Capital had recently pressured the company to cut exactly $500 million in costs and reduce headcount by 21% — suggesting financial imperatives rather than technological breakthroughs are the real motivation. Snap claims 65% of new code is AI-generated, but industry experts observe that most AI implementations augment rather than eliminate jobs, raising questions about whether AI is genuinely transforming efficiency or serving as convenient framing for restructuring. The episode reflects a broader tech industry pattern where AI adoption stories are used to justify workforce cuts driven by over-hiring or investor demands.

Discourse Blog

Discourse Stays Open Source, Argues Transparency Is the Better Defense

Discourse publicly rejected the recent trend toward closing source code, reaffirming its commitment to remaining open source under GPLv2 despite arguments that AI tools make open codebases more vulnerable to automated attacks. The company countered Cal.com's closure announcement by arguing that closed source provides false security — since web applications expose significant logic in browsers anyway — while open code enables defenders to use the same AI scanning tools against attackers. Discourse's position is backed by practice: the team already proactively scans its codebase with AI models during each release cycle to patch vulnerabilities before adversaries find them, treating transparency as a force multiplier for defense rather than a liability.

Anthropic

Claude Design: Anthropic's Visual Creation Tool Launches in Research Preview

Anthropic unveiled Claude Design, an AI-powered visual creation tool available in research preview for Claude Pro, Max, Team, and Enterprise subscribers. The platform enables teams to collaborate with Claude Opus 4.7 to create polished designs, prototypes, presentations, and one-pagers from multiple input types — text, images, documents, and website captures — with automatic brand system integration and direct export to Canva, PDF, PPTX, and HTML. Early adopters like Datadog report the tool reduces design work that previously took a week to a single conversation. The launch positions Claude as an end-to-end creative assistant bridging ideation and implementation, making professional-quality design accessible to non-designers while enabling designers to iterate faster.

Claude Code Camp

Claude 4.7's Tokenizer Costs 20–30% More Per Session Than Documented

An independent benchmark of Claude 4.7's tokenizer found token consumption higher than Anthropic's official 1.0–1.35x estimate — averaging 1.325x for Claude Code content but reaching 1.47x for technical documentation and 1.29–1.39x for code files. The practical cost impact is significant: an 80-turn session jumped from $6.65 to $7.86–$8.76, a 20–30% increase despite unchanged pricing. While the model shows modest instruction-following improvements (+5 percentage points on IFEval), the main takeaway for developers is to budget for the upper end of token estimates rather than averages, particularly for code-heavy workflows where rate-limit constraints and cached prefix costs tighten proportionally.
