June 17, 2026
Report summary
7 stories cleared the bar, led by (untitled), (untitled), and (untitled).
Worth attention
(untitled)
An Axios investigation (via Simon Willison) reports that Anthropic's Claude models were taken offline after a clash with the White House over the 'Fable 5' jailbreak and export control designation. Sources close to Anthropic say 'they screwed us.' For any developer running Claude-dependent workflows (including second-brain, multi-agent setups), this is a concrete reminder that API availability is not guaranteed during policy disputes. Consider having a multi-provider fallback.
(untitled)
A security researcher documented a supply chain attack: a polished LinkedIn job offer directs the candidate to clone and run a GitHub repo that installs a persistent backdoor while appearing legitimate. The attack passes casual code review. Any solo developer who evaluates contractor code or does take-home tests should be aware of this vector and run unknown repos in sandboxes.
(untitled)
Simon Willison's datasette-agent MCP gains an `execute_write_sql` tool that requests user approval before writing to the database. This is a concrete, working implementation of the 'dangerous action requires human confirmation' pattern for agent workflows — directly applicable if you're building MCP tools that touch databases.
(untitled)
TIL from Simon Willison: Cloudflare WAF Managed Challenge rules can trigger CAPTCHA on requests with literal ampersands in the URL, breaking faceted search engines. Workaround: URL-encode ampersands or scope WAF rules more tightly. Easy to miss and hard to debug without knowing the cause.
(untitled)
Pro and Enterprise Vercel Functions (Node.js and Python) can now run up to 30 minutes, more than doubling the previous ~13-minute cap. Relevant for AI pipeline functions, document processing, or anything that previously required a separate queue/worker setup to handle the time limit.
(untitled)
Iroh, a Rust-based P2P networking library, hit v1.0. Uses public keys instead of IP addresses for connections, with NAT traversal and relay fallback. API is now stable. Worth tracking for agent-to-agent networking or building tools that need direct device connections without centralized infrastructure.
(untitled)
Typst 0.15, the modern LaTeX alternative, released with significant new features. Worth checking if you do any technical document generation or templated PDF production.
Full digest
API outage driven by Fable 5 jailbreak/export control conflict; plan for Claude API unavailability
Supply chain attack via polished job offer repo; installs persistent backdoor on clone+run
execute_write_sql with user approval — human-in-the-loop pattern for agent DB writes
WAF Managed Challenge triggers on & in URLs; fix: URL-encode or scope rules
Pro/Enterprise Node.js/Python; 2x previous cap
M
Iroh 1.0
Stable v1.0 Rust P2P library; keys not IPs, NAT traversal
Major release of modern document typesetting tool
Canary; rspack 2.0 + experimental Turbopack React compiler
Beta, Vercel-specific
Too niche
Editorial newsletter, no actionable claim
Policy commentary; covered by the main outage story
Duplicate angle on outage story
Historical tech story; not actionable
Social media link, no content
Creative hack; not actionable
Historical archive; not actionable
OS report; not relevant to stack
Duplicate of Iroh 1.0 blog post
Original markdown
# Morning memo — 2026-06-17 **Source failures (if any):** None observed. ## Worth attention - **Anthropic's Claude models went offline due to US government policy clash** — https://simonwillison.net/2026/Jun/15/axios-clashes-anthropics/#atom-everything An Axios investigation (via Simon Willison) reports that Anthropic's Claude models were taken offline after a clash with the White House over the 'Fable 5' jailbreak and export control designation. Sources close to Anthropic say 'they screwed us.' For any developer running Claude-dependent workflows (including second-brain, multi-agent setups), this is a concrete reminder that API availability is not guaranteed during policy disputes. Consider having a multi-provider fallback. - **A backdoor in a LinkedIn job offer** — https://roman.pt/posts/linkedin-backdoor/ A security researcher documented a supply chain attack: a polished LinkedIn job offer directs the candidate to clone and run a GitHub repo that installs a persistent backdoor while appearing legitimate. The attack passes casual code review. Any solo developer who evaluates contractor code or does take-home tests should be aware of this vector and run unknown repos in sandboxes. - **datasette-agent 0.3a0: execute_write_sql with user approval** — https://simonwillison.net/2026/Jun/15/datasette-agent/#atom-everything Simon Willison's datasette-agent MCP gains an `execute_write_sql` tool that requests user approval before writing to the database. This is a concrete, working implementation of the 'dangerous action requires human confirmation' pattern for agent workflows — directly applicable if you're building MCP tools that touch databases. - **Cloudflare CAPTCHA triggered by URLs containing ampersands** — https://simonwillison.net/2026/Jun/16/captcha-on-at-least-one-ampersand/#atom-everything TIL from Simon Willison: Cloudflare WAF Managed Challenge rules can trigger CAPTCHA on requests with literal ampersands in the URL, breaking faceted search engines. Workaround: URL-encode ampersands or scope WAF rules more tightly. Easy to miss and hard to debug without knowing the cause. - **Vercel Functions now support up to 30-minute execution** — https://vercel.com/changelog/vercel-functions-can-now-run-up-to-30-minutes Pro and Enterprise Vercel Functions (Node.js and Python) can now run up to 30 minutes, more than doubling the previous ~13-minute cap. Relevant for AI pipeline functions, document processing, or anything that previously required a separate queue/worker setup to handle the time limit. - **Iroh 1.0: Dial Keys, not IPs** — https://www.iroh.computer/blog/v1 Iroh, a Rust-based P2P networking library, hit v1.0. Uses public keys instead of IP addresses for connections, with NAT traversal and relay fallback. API is now stable. Worth tracking for agent-to-agent networking or building tools that need direct device connections without centralized infrastructure. - **Typst 0.15 released** — https://typst.app/blog/2026/typst-0.15/ Typst 0.15, the modern LaTeX alternative, released with significant new features. Worth checking if you do any technical document generation or templated PDF production. ## Full digest - [P] [simonwillison] Anthropic's Claude models went offline due to government clash — https://simonwillison.net/2026/Jun/15/axios-clashes-anthropics/ — API outage driven by Fable 5 jailbreak/export control conflict; plan for Claude API unavailability - [P] [hacker-news] A backdoor in a LinkedIn job offer — https://roman.pt/posts/linkedin-backdoor/ — Supply chain attack via polished job offer repo; installs persistent backdoor on clone+run - [P] [simonwillison] datasette-agent 0.3a0 — https://simonwillison.net/2026/Jun/15/datasette-agent/ — execute_write_sql with user approval — human-in-the-loop pattern for agent DB writes - [P] [simonwillison] Cloudflare CAPTCHA on URLs with ampersands — https://simonwillison.net/2026/Jun/16/captcha-on-at-least-one-ampersand/ — WAF Managed Challenge triggers on & in URLs; fix: URL-encode or scope rules - [P] [vercel-changelog] Vercel Functions now up to 30 min execution — https://vercel.com/changelog/vercel-functions-can-now-run-up-to-30-minutes — Pro/Enterprise Node.js/Python; 2x previous cap - [M] [iroh] Iroh 1.0 — https://www.iroh.computer/blog/v1 — Stable v1.0 Rust P2P library; keys not IPs, NAT traversal - [P] [hacker-news] Typst 0.15 — https://typst.app/blog/2026/typst-0.15/ — Major release of modern document typesetting tool - [R] [gh-nextjs] v16.3.0-canary.52 — https://github.com/vercel/next.js/releases/tag/v16.3.0-canary.52 — Canary; rspack 2.0 + experimental Turbopack React compiler - [R] [vercel-changelog] Workflow SDK inflight cancellation — https://vercel.com/changelog/workflow-sdk-now-supports-inflight-cancellation — Beta, Vercel-specific - [R] [vercel-changelog] Workflow SDK TanStack Start — https://vercel.com/changelog/workflow-sdk-now-supports-tanstack-start — Too niche - [R] [latent.space] AINews Satya on Loopcraft — https://www.latent.space/p/ainews-satya-on-loopcraft-building — Editorial newsletter, no actionable claim - [R] [simonwillison] Fable 5 Export Controls Harm US Cyber Defense — https://simonwillison.net/2026/Jun/16/fable-5-export-controls/ — Policy commentary; covered by the main outage story - [R] [simonwillison] Quoting Matteo Wong / Atlantic on Fable — https://simonwillison.net/2026/Jun/16/matteo-wong-the-atlantic/ — Duplicate angle on outage story - [R] [simonwillison] x86 emulator team — https://devblogs.microsoft.com/oldnewthing/20260615-00/?p=112419 — Historical tech story; not actionable - [R] [simonwillison] John Carmack on Fabrice Bellard — https://twitter.com/ID_AA_Carmack/status/2064095424420487226 — Social media link, no content - [R] [hacker-news] Banned Book Library in a WiFi Light Bulb — https://www.richardosgood.com/posts/banned-book-library/ — Creative hack; not actionable - [R] [hacker-news] Garden of Flowers typography archive — https://garden-of-flowers.heikkilotvonen.com/ — Historical archive; not actionable - [R] [hacker-news] FreeBSD 15 on a Laptop — https://www.sacredheartsc.com/blog/freebsd-15-on-a-laptop/ — OS report; not relevant to stack - [R] [hacker-news] Iroh 1.0 HN discussion — https://www.iroh.computer/blog/v1 — Duplicate of Iroh 1.0 blog post