The Register

NCSC boss says China's whole-of-state cyber machine has become Britain's peer competitor in cyberspace

State-sponsored cyberattacks from Chinese intelligence and military agencies display "an eye-watering level of sophistication," UK National Cyber Security Centre CEO Richard Horne is expected to say in a less-than-cheery opening speech to kick off its annual conference.…

Plus news from its Dublin neighbors, Linux Mint

The latest point release of Zorin OS is here, as an interesting alternative to Linux Mint for those still searching for a replacement for Windows 10 as the dust settles over the ruins.…

Lawmakers decry CISA cuts: 'We are shooting ourselves in the foot'

If a cyberattack leads to a death, that's murder. A former FBI cyber division chief urged the US Justice Department to consider felony homicide charges against ransomware actors when attacks on hospitals lead to patient deaths.…

CISA gives federal agencies 4 days to patch

America's lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch the security holes.…

Still only a tiny slice of mobile activity overall

The US and Starlink lead the way in the still-young direct-to-device (D2D) satellite market, where the number of connections recorded by Ookla rose nearly 25 percent between July 2025 and March 2026.…

Data from browsers, cryptocurrency wallets, 200+ extensions hoovered up

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live session cookies from 14 browsers, 16 cryptocurrency wallets, and more than 200 extensions.…

Bun is fast as a toolkit but can leak memory in production, causing slowdowns and crashes

A new version of the Bun JavaScript runtime and toolkit is out with enhanced testing support and improved memory management. The latter is a critical issue to devs and follows complaints of memory leaks causing problems in production.…

Plus: Court papers reveal nonprofit paid a ransom worth nearly $26.8 million

The third of three former ransomware negotiators accused of assisting the ALPHV/BlackCat ransomware gang in extorting US businesses has pleaded guilty, months after his two co-workers did the same.…

One of two second stage engines misbehaved, administration must sign off report before flights resume

Blue Origin's New Glenn loss of a satellite has been classed as a "mishap" by the US Federal Aviation Administration (FAA), triggering a mandatory investigation.…

CEO suspects silicon sidekick behind 'surprising velocity' breach - cyber crims shop stolen data for $2M

Vercel's CEO reckons the crooks behind its recent breach likely had a helping hand from AI, saying the attackers moved with "surprising velocity" and a deep understanding of the company's infrastructure.…

Mexican IT services firm admits it was hacked, but says client operations weren't affected

A Mexican IT infrastructure and digital transformation biz is on clean-up duty after a criminal posted screenshots of what they claimed was company video surveillance footage to a cybercrime forum.…

No facial recognition privacy intrusions either! Well, maybe a little

London's Metropolitan Police is trialing new retail technology to help curtail the city's pervasive shoplifting problem… and it doesn't rely on live facial recognition (LFR).…

Excessive friendliness may cause users to forget they're talking to a very confident autocomplete

A study into how humans interact with chatbots suggests the fastest way to make an LLM feel human isn't making it smarter – it's making it seem nicer.…

Spoiler: There's no magic value. Just a timer, some kernel calls, and too much coffee

Windows has always had a built-in portal to the very recent past: Task Manager's CPU usage meter.…

US-based cloud providers could have to disclose certain data under American legal orders

Updated  The European Commission has awarded four contracts designed to advance cloud sovereignty in the EU, but one uses services from S3NS, a joint venture between Thales and Google Cloud, raising questions about its real independence.…

Fake emails already doing the rounds as ransomware crew boasts about what it allegedly stole

UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an intruder logged in with stolen credentials, while a ransomware crew claims it grabbed far more than the company is currently admitting.…

Admins are tired of taking photos, so this enables secure on-site unattended enrolment

Japanese industrial giant Panasonic has created a new form of QR code it says will only work on designated devices and environments.…

And China is loving it

Iranian media is claiming that the US used backdoors and/or botnets to disable networking equipment during the current war, and Chinese state media is dining out on the allegations.…

Dud contracts, proprietary designs, and zero-experience supplier make for quite the mess

The NASA Office of Inspector General, the aerospace agency’s auditor, fears that work on next-generation spacesuits won’t finish in time to use them for the planned Artemis III Moon landing mission in 2028.…

A lesson in how not to respond to vulnerability reports

UPDATED  Vibe-coding platform Lovable is pooh-poohing a researcher’s finding that anyone could open a free account on the service and read other users' sensitive info, including credentials, chat history, and source code. However, the company’s story keeps changing: First it attributed the publicly exposed info to "intentional behavior" and "unclear documentation," then threw bug-bounty service HackerOne under the bus.…