The Register

CISA gives federal agencies 4 days to patch

America's lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch the security holes.…

Still only a tiny slice of mobile activity overall

The US and Starlink lead the way in the still-young direct-to-device (D2D) satellite market, where the number of connections recorded by Ookla rose nearly 25 percent between July 2025 and March 2026.…

Data from browsers, cryptocurrency wallets, 200+ extensions hoovered up

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live session cookies from 14 browsers, 16 cryptocurrency wallets, and more than 200 extensions.…

Bun is fast as a toolkit but can leak memory in production, causing slowdowns and crashes

A new version of the Bun JavaScript runtime and toolkit is out with enhanced testing support and improved memory management. The latter is a critical issue to devs and follows complaints of memory leaks causing problems in production.…

Change is glacial, but the direction is clear

It might look like a map of the London Underground designed by a madman, but Gartner's newly-completed DBMS Market Share Ranks: 2011-2025 has an important message. The change may be glacial, but (most of the) dominant database vendors are slowly losing their grip on the market.…

Plus: Court papers reveal nonprofit paid a ransom worth nearly $26.8 million

The third of three former ransomware negotiators accused of assisting the ALPHV/BlackCat ransomware gang in extorting US businesses has pleaded guilty, months after his two co-workers did the same.…

One of two second stage engines misbehaved, administration must sign off report before flights resume

Blue Origin's New Glenn loss of a satellite has been classed as a "mishap" by the US Federal Aviation Administration (FAA), triggering a mandatory investigation.…

An $899 CPU? In this economy?

Review  Ever since AMD's cache-stacked Ryzen 7 5800X3D closed the gap with Intel in gaming, folks have wondered: if one V-Cache chiplet is good, surely two must be better. With the launch of the Ryzen 9 9950X3D2 Dual Edition (DE), we finally have our answer.…

CEO suspects silicon sidekick behind 'surprising velocity' breach - cyber crims shop stolen data for $2M

Vercel's CEO reckons the crooks behind its recent breach likely had a helping hand from AI, saying the attackers moved with "surprising velocity" and a deep understanding of the company's infrastructure.…

Mexican IT services firm admits it was hacked, but says client operations weren't affected

A Mexican IT infrastructure and digital transformation biz is on clean-up duty after a criminal posted screenshots of what they claimed was company video surveillance footage to a cybercrime forum.…

No facial recognition privacy intrusions either! Well, maybe a little

London's Metropolitan Police is trialing new retail technology to help curtail the city's pervasive shoplifting problem… and it doesn't rely on live facial recognition (LFR).…

90% of schools already compliant, but at least now there's paperwork

Ministers are moving to turn England's patchwork of school phone bans into law, after peers backed fresh changes to the Children's Wellbeing and Schools Bill in a Monday vote.…

Excessive friendliness may cause users to forget they're talking to a very confident autocomplete

A study into how humans interact with chatbots suggests the fastest way to make an LLM feel human isn't making it smarter – it's making it seem nicer.…

Spoiler: There's no magic value. Just a timer, some kernel calls, and too much coffee

Windows has always had a built-in portal to the very recent past: Task Manager's CPU usage meter.…

US-based cloud providers could have to disclose certain data under American legal orders

Updated  The European Commission has awarded four contracts designed to advance cloud sovereignty in the EU, but one uses services from S3NS, a joint venture between Thales and Google Cloud, raising questions about its real independence.…

Fake emails already doing the rounds as ransomware crew boasts about what it allegedly stole

UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an intruder logged in with stolen credentials, while a ransomware crew claims it grabbed far more than the company is currently admitting.…

Admins are tired of taking photos, so this enables secure on-site unattended enrolment

Japanese industrial giant Panasonic has created a new form of QR code it says will only work on designated devices and environments.…

And China is loving it

Iranian media is claiming that the US used backdoors and/or botnets to disable networking equipment during the current war, and Chinese state media is dining out on the allegations.…

Dud contracts, proprietary designs, and zero-experience supplier make for quite the mess

The NASA Office of Inspector General, the aerospace agency’s auditor, fears that work on next-generation spacesuits won’t finish in time to use them for the planned Artemis III Moon landing mission in 2028.…

A lesson in how not to respond to vulnerability reports

UPDATED  Vibe-coding platform Lovable is pooh-poohing a researcher’s finding that anyone could open a free account on the service and read other users' sensitive info, including credentials, chat history, and source code. However, the company’s story keeps changing: First it attributed the publicly exposed info to "intentional behavior" and "unclear documentation," then threw bug-bounty service HackerOne under the bus.…