|
by Jessica Lyons on (#724MX)
Exploit hasn't been picked up by any malware detection engines, CEO tells The Reg A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager (RasMan) service now has a free, unofficial patch - with no word as to when Redmond plans to release an official one - along with a working exploit circulating online....
|
The Register
| Link | https://www.theregister.com/ |
| Feed | http://www.theregister.co.uk/headlines.atom |
| Copyright | Copyright © 2025, Situation Publishing |
| Updated | 2025-12-13 08:01 |
|
by Jessica Lyons on (#724GR)
And the earlier React2Shell patch is vulnerable If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Server Function source code, so anyone using RSC or frameworks that support it should patch quickly....
|
|
by Brandon Vigliarolo on (#724DN)
Executive order sidesteps Congress and sets up Litigation Task Force President Trump and his patrons in big tech have long wanted to block states from implementing their own AI regulations. After failing twice to do so in Congress, the US president has issued an executive order that would attempt to punish states that try to restrain the bot business....
|
|
by Lindsay Clark on (#724DP)
Protests force disclosure of costs totaling $16,000 per student over 7 year rollout replacing 80 legacy systems The total cost of a Workday implementation project at Washington University in St. Louis is set to hit almost $266 million, it was revealed after the project was the subject of protests from students....
|
|
by Richard Speed on (#7247H)
It's getting crowded up there Earth's orbit is starting to look like an LA freeway, with more and more satellites being launched each year. If you're worried about collisions and space debris making the area unusable - and you should be - scientists have proposed a new metric to contribute to your anxiety: the CRASH Clock....
|
|
by Dan Robinson on (#7247J)
Bank sketches four scenarios in which monetization falters or demand swamps supply by 2030 Goldman Sachs warns that datacenter investments may fail to pay off if the industry is unable to monetize AI models, but hedges its bets by saying that demand could also overwhelm available capacity by 2030....
|
|
by Connor Jones on (#7247K)
Critical vulnerabilities found in third-party applications eligible for award under 'in scope by default' move Microsoft is overhauling its bug bounty program to reward exploit hunters for finding vulnerabilities across all its products and services, even those without established bounty schemes....
|
|
by Connor Jones on (#7247M)
Justice Department alleges federal auditors were misled over compliance with FedRAMP and DoD requirements The US is suing a former senior manager at Accenture for allegedly misleading the government about the security of an Army cloud platform....
|
|
by Richard Speed on (#7247N)
Competition Appeal Tribunal to decide if multibillion-pound overcharging case can go to trial Stop us if you've heard this one before. Microsoft is in court regarding allegedly sharp software licensing practices....
|
|
by Carly Page on (#72459)
Rights groups say digital-only record is leaking data and courting trouble Civil society groups are urging the UK's data watchdog to investigate whether the Home Office's digital-only eVisa scheme is breaching GDPR, sounding the alarm about systemic data errors and design failures that are exposing sensitive personal information while leaving migrants unable to prove their lawful status....
|
|
by Carly Page on (#7245A)
Wiz says React2Shell attacks accelerating, ranging from cryptominers to state-linked crews Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ranging from bargain-basement cryptominers to state-linked intrusion tooling....
|
|
by Lindsay Clark on (#72430)
Analysts say the shift offers stability, but embedded usage caps ensure vendors keep control Salesforce CEO Marc Benioff last week came closer to answering a multibillion-dollar question when he said seat-based pricing - with some caveats - was becoming the norm for its AI agents after flirting with pricing based on consumption and per-conversation payments....
|
|
by Lindsay Clark on (#72431)
Replacement rollout plagued by bad data and missing features, says watchdog Despite completing its rollout of a new case management system, Home Office caseworkers are still referring back to data in a 25-year-old legacy system when processing asylum claims, according to a public spending watchdog....
|
|
by Simon Sharwood on (#7241Q)
Getting that confession took hours, during which L1 and L2 support gave up On Call Welcome once more to On Call, the Friday column in which we share stories of tech support incidents that went pear-shaped until cunning Reg readers stepped in to save the day....
|
|
by Simon Sharwood on (#7240F)
Forum site says it's potentially more harmful to users who don't log in Forum site Reddit has filed a case that seeks to exempt itself from Australia's ban on children under 16 holding social media accounts....
|
|
by Simon Sharwood on (#723VZ)
Judge said his fraud was on 'epic, generational scale' Terraform Labs founder Do Kwon will spend 15 years in jail after pleading guilty to committing fraud....
|
|
by Simon Sharwood on (#723W0)
Chips 'n' code giant sitting on $50bn of custom AI accelerator orders, sees more to come "Silicon photonics won't matter in the datacenter anytime soon," according to Broadcom CEO Hock Tan....
|
|
by Tobias Mann on (#723SZ)
The dream of electric sheep gets a reality check from Moore's Law You want artificial general intelligence (AGI)? Current-day processors aren't powerful enough to make it happen and our ability to scale up may soon be coming to an end, argues well-known researcher Tim Dettmers....
|
|
by O'Ryan Johnson on (#723QS)
Broadcom told The Register that EMEA customers need to check with their local dealer to see if VVF remains on the menu Exclusive Broadcom has recently killed off VMware vSphere Foundation in parts of EMEA, the company told The Register, dealing a blow to smaller customers, one of whom told us they would likely switch to a rival hypervisor as a result....
|
|
by Brandon Vigliarolo on (#723QT)
Begun, these AI wars have Amid controversy over its ability to generate content with copyrighted characters, OpenAI has struck a three-year deal with Disney to license more than 200 Disney, Pixar, Marvel, and Star Wars characters for use in Sora videos and ChatGPT Images....
|
|
by Jessica Lyons on (#723QV)
Operators accidentally left a way for you to get your data back CyberVolk, a pro-Russian hacktivist crew, is back after months of silence with a new ransomware service. There's some bad news and some good news here....
|
|
by Lindsay Clark on (#723MY)
Org argues that the approval process was flawed and regulators should have known better A trade group of European cloud providers has laid into the European Commission's decision to allow the VMware-Broadcom merger to go ahead, alleging that it failed to assess the infrastructure and semiconductor company's incentives to massively raise prices on customers....
|
|
by Brandon Vigliarolo on (#723HW)
So far, Overview Energy says it has only beamed power from a moving aircraft to standard solar panels You can't generate solar power at night unless your panels are in space. A startup that wants to beam orbital sunlight straight into existing solar farms has just emerged from stealth, claiming a world-first power-beaming demo, but with a lot of critical information left unreported....
|
|
by Jessica Lyons on (#723EW)
No details, no CVE, update your browser now Google issued an emergency fix for a Chrome vulnerability already under exploitation, which marks the world's most popular browser's eighth zero-day bug of 2025....
|
|
by Connor Jones on (#723EX)
UK data regulator says failures were unacceptable for a company managing the world's passwords The UK's Information Commissioner's Office (ICO) says LastPass must cough up £1.2 million ($1.6 million) after its two-part 2022 data breach compromised information from up to 1.6 million UK users....
|
|
by Liam Proven on (#723BC)
Preserving not just updates, but also lots of the now-deleted optional extras Legacy Update was already extremely useful if you chose to disembark from Microsoft's upgrade railroad. Now it's even more so....
|
|
by Richard Speed on (#723BD)
Eight-hour EVA was also first outing for new spacesuits A pair of taikonauts ventured outside China's Tiangong space station this week to take a closer look at the cracked viewport window of the Shenzhou-20 vehicle....
|
|
by Dan Robinson on (#7238H)
DOE lays out $320M plan for science platform linking national labs, industry, and academia President Trump's "Genesis Mission" is taking shape with the award of more than $320 million from the Department of Energy (DOE) to advance AI in scientific research....
|
|
by Connor Jones on (#7238J)
Skills gained later fed Beijing's cyber operations, according to SentinelLabs expert A security researcher specializing in tracking China threats claims two of Salt Typhoon's members were former attendees of a training scheme run by Cisco....
|
|
by Richard Speed on (#7238K)
Copilot - your cuddly companion for nighttime introspection Microsoft analyzed 37.5 million de-identified Copilot conversations from January to September 2025, excluding commercial and educational accounts. The findings reveal distinct usage patterns based on device, time, and day....
|
|
by Carly Page on (#7236D)
Flare warns devs are unwittingly publishing production-level secrets Docker Hub has quietly become a treasure trove of live cloud keys and credentials, with more than 10,000 public container images exposing sensitive secrets from over 100 companies, including a Fortune 500 firm and a major bank....
|
|
by Paul Kunert on (#7236E)
Aerospace giant faces 'massive work' to move legacy ERP systems to S/4HANA as support deadline looms Exclusive Airbus is undertaking a major overhaul to migrate its sprawling SAP environment to S/4HANA - and potentially to the cloud - as the aerospace giant grapples with the same deadline pressures facing thousands of enterprise customers worldwide....
|
|
by Connor Jones on (#7234N)
Workers frustrated with security-first changes to workflows and teething issues Exclusive Seven months after a landmark cyberattack, the UK's Legal Aid Agency (LAA) says it's returning to pre-breach operations, although law firms are still wrestling with buggy and more laborious systems....
|
|
by Simon Sharwood on (#7231S)
Proposes central body to collect royalties and dole out cash to creators The government of India wants AI companies to pay for accessing content they use to train models, but only once they start producing revenue....
|
|
by Simon Sharwood on (#7230S)
Chute opened early and snagged on a stabilizer VIDEO An Australian parachuting club has been told to improve the software it uses to manage jumps, after an accident in which a jumper's chute hooked on an aircraft's tailplane....
|
|
by Simon Sharwood on (#72300)
Didn't phone home as expected on December 6th and nobody knows why Houston, we have a problem: NASA has lost contact with the Mars Atmosphere and Volatile EvolutioN (MAVEN) spacecraft....
|
|
by Simon Sharwood on (#722YQ)
Blame changed market conditions and attitudes, not the return of Nvidia's H200 to China Chinese tech giants Hygon and Sugon have called off their planned merger....
|
|
by Thomas Claburn on (#722YR)
But if you assume cloud IOUs will be fulfilled, business is booming Oracle expects its FY 2026 capital expenditures will be $15 billion higher than previously predicted, as the cloudy database biz invests to accommodate AI workloads....
|
|
by Tobias Mann on (#722X1)
If you opt in to the paid service that is updated Nvidia is developing a new inventory management service that could be used by customers to verify the location of their existing GPU stockpiles....
|
|
by Jessica Lyons on (#722TB)
More than half of internet-exposed instances already compromised Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project doesn't yet have a fix....
|
|
by Brandon Vigliarolo on (#722TC)
Yeah, not shocking, but with other studies linking AI to weaker learning and mental-health risks, it's a worry Alongside TikTok and Instagram, teens have added ChatGPT to the mix. Pew says about two-thirds of US teenagers have tried an AI chatbot, with nearly a third using one every day. Negative mental-health warnings be damned!...
|
|
by Thomas Claburn on (#722TD)
Publishers now have more comprehensive tools for managing automated content harvesting Most big AI providers scrape the open web, hoovering up content to improve their chatbots, which then compete with publishers for the attention of internet users. However, more AI orgs might have to pay up soon, because the Really Simple Licensing (RSL) spec has reached version 1.0, providing guidance on how to set machine-readable rules for crawlers....
|
|
by O'Ryan Johnson on (#722TE)
Meet 'ShipOS' Palantir and the US Navy have signed a two-year deal to test whether its Foundry operational software can streamline the nation's shipbuilding efforts and steer the Secretary of the Navy's top budget priority into port....
|
|
by Tobias Mann on (#722TF)
California chipset giant says it'll develop Arm and RISC-V CPU cores in parallel Qualcomm could soon be serving up RISC-V cores alongside its custom Arm ones following the acquisition of Ventana Micro Systems on Wednesday....
|
|
by Jessica Lyons on (#722MN)
The digital intrusion allegedly caused thousands of pounds of meat to spoil and triggered an ammonia leak in the facility A Ukrainian woman accused of hacking US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups was extradited to the US earlier this year and will stand trial in early 2026....
|
|
by Connor Jones on (#722MP)
Devs and users should know better, Microsoft tells watchTowr Security researchers have revealed a .NET security flaw thought to affect a host of enterprise-grade products that they say Microsoft refuses to fix....
|
|
by Brandon Vigliarolo on (#722MQ)
Countries subject to newly proposed rule include supposed trusted friends like the UK, France, and Germany The next time someone visits the US, customs may ask to see their passport, their Facebook feed, and all of their Instagram posts. The United States maintains a list of 42 countries whose citizens are allowed to enter without a visa, but visitors from those nations may soon have to provide five years' worth of their social media history in order to gain entry....
|
|
by Connor Jones on (#722C4)
1,500 military digital defenders spent the past week cleaning up a series of cyberattacks on fictional island Andravia and Harbadus - two nations so often at odds with one another - were once again embroiled in conflict over the past seven days, which thoroughly tested NATO's cybersecurity experts' ability to coordinate defenses across battlefield domains....
|
|
by Lindsay Clark on (#722C5)
Recent collision data points to comparable injury rates across modern vehicle types Electric cars are no more of a danger to pedestrians than conventional vehicles, according to new research....
|
|
by Mark Pesce on (#7228V)
They're now good enough to do things well, if you take the time to learn how to steer them Opinion For most of the last year, the phrase 'vibe coding' seemed more punchline than possibility. That outlook altered significantly over the last month after step-changes in quality mean vibe coding tools now generate code that's good enough to rewrite expectations about how IT will operate before the end of this decade....
|