Our hosted subscribe forums now will conditionally show CAPTCHAs to subscribers in the event that we think they are right on the edge of being spammy or problematic. There's nothing you need to do: if you've got your firewall enabled, just know that the firewall is slightly smarter this week than it was last week.
If you want to hear a bit more about the technical details, strap in (do people still say that?):
We've wanted to do this for a while, and one of the larger reasons why we've dragged our feet is because it's not super obvious how to roll this out for more esoteric use cases, such as subscribing via an embed endpoint. Now that our internal architecture for the firewall is a little more battle-tested though, we're able to do this in an elegant and extendable way. You can think of the firewall as a black box shaped like a linear regression. You give it a bunch of variables, some of which can be optional, and it spits out a result.
Note that the firewall isn't literally a regression. We've handwritten all the heuristics that it uses, but the core idea is there, which is we can horizontally add more data points over time, and the black box itself can get smarter even if any given input doesn't contain all of the possible things.
This still leaves the question of how to surface this to use cases like form endpoints or REST API where we can't just inject a turnstile. One such option is to create a new subscriber type such as needs capture that you can then pass to a subscriber who then completes the subscription flow themselves. This is not dissimilar to payment methods such as 3D Secure. This feels like unnecessary complication for now, but we are interested in investing further both on the ergonomics and performance of the firewall. We know that a number of folks have gotten hit hard by false positives lately as we've had to really bolster some of the architecture here because, frankly, we're just getting attacked with a lot of spam. Thank you for your patience, and if you have feedback in any direction on the firewall, subscriber management writ large, please let us know.