'Sustained focus on Western critical infrastructure' Russia's Main Intelligence Directorate (GRU) is behind a years-long campaign targeting energy, telecommunications, and tech providers, stealing credentials and compromising misconfigured devices hosted on AWS to give the Kremlin's snoops persistent access to sensitive networks, according to Amazon's security boss.

Big Red said it had sold its stake in its long-time silicon partner last week Oracle last week announced that it had divested from Ampere Computing. But while Big Red may no longer own part of the Arm CPU maker, it's not ready to stop using the chips just yet.

Framework looks great for scenarios where a 62 percent completion rate is acceptable IBM researchers have released an open source AI agent called CUGA that aspires to automate complex enterprise workflows and get it right about half the time, depending on the task.

If the buy happens, the big question is will they integrate the codebase or keep it separate? ServiceNow is reportedly nearing a deal to buy security software company Armis for $7.1 billion to give its customers full stack visibility of their IT estate and eliminate security blindspots, according to Bloomberg .

Washington rediscovers that modern IT doesnt run itself After dissolving several federal tech modernization units and shedding large numbers of technologists, the Trump administration has launched a new talent recruitment initiative, suggesting it still needs people to help drag the government's IT into the present.

Who hasn't exploited this max-severity flaw? At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attacking React2Shell, a maximum-severity flaw in the widely used React JavaScript library, according to Google.

And don't sweat the debt either, we've got plenty of capital at our disposal Despite Wall Street jitters and reports to the contrary, Oracle insists its $300 billion datacenter deal with OpenAI is on track and proceeding on schedule.

Powered by the original mobile Linux OS with crowdsourced specs hands on After successful crowdfunding, the latest release of the original handheld Linux distro will power a new handset coming in mid-2026.

On-prem control planes, dark-site upgrades, and multicloud policies target regulated deployments Nutanix is taking a pop at VMware again as it unwraps features that it says allow customers to run distributed sovereign clouds.

Mobile traffic now accounts for nearly half of requests Global internet traffic grew by 19 percent during 2025, while nearly half of traffic now comes from mobile devices. A significant and growing portion also comes from bots, many designed to train AI.

Paris Buttfield-Addison literally wrote books on Swift Apple has blocked a long-time developer from his Apple ID after he failed to redeem what support suggested was a dodgy $500 gift card, leaving him unable to work, cut off from personal files, and barred from what he calls his "core digital identity."

IDC's latest tracker numbers were brought to you by the letters A and I The global server market went into overdrive in the third quarter of 2025, racking up a record $112.4 billion in revenue as AI demand pushed vendor sales up 61 percent year-on-year, according to the latest figures from IDC.

Flat-rate deals may sting now, but vendor expects payback over decades Salesforce's chief revenue officer has said that he is relaxed about the CRM giant losing money on AI agent seat-based licensing in the long term because it will have many more years to "monetize" such customers.

Watchdog highlights slate of unmet priorities A US spending watchdog has delivered another withering verdict on the Department of Veterans Affairs efforts to drag its health records program into the 21st century.

Company vacuumed up by its own manufacturer iRobot, the company behind autonomous vacuum cleaner brand Roomba, has filed for Chapter 11 bankruptcy protection, telling investors that its Chinese manufacturer will assume control going forward.

Watchdog links schedule change to replanning of UK payments system overhaul The European Central Bank's (ECB) decision to delay its move to a new messaging standard in 2022 ended up costing the Bank of England 23 million as it was forced to adjust migration to a new settlement system to avoid compounding risks.

Automaker admits raid that crippled its factories in August led to the theft of sensitive info Jaguar Land Rover (JLR) has reportedly told staff the cyber raid that crippled its operations in August didn't just bring production to a screeching halt it also walked off with the personal payroll data of thousands of employees.

Both admit attackers were already exploiting the bugs, with scant detail and hints of spyware-grade abuse Apple and Google have both issued emergency patches after zero-day bugs were caught being actively exploited in what the companies describe as "sophisticated" real-world attacks.

Minister insists 'modest' bill is not an assault on privacy-preserving tech The Danish government wants the public to weigh in on its proposed laws restricting use of VPNs to access certain corners of the internet.

I'm dreaming of a white hat mass Opinion It was 40 years ago that four young British hackers set about changing the law, although they didn't know it at the time. It was a cross-platform attack including a ZX Spectrum, a BBC Micro, and a Tatung Einstein slamming British Telecom's Prestel service over dial-up modems at 75 bits per second.

One keypress turned a tricky Windows NT balancing act into a life of leisure Who, Me? After a weekend of R&R;, The Register welcomes you back to the working week with a new installment of Who, Me? It's the reader-contributed column in which you confess to workplace errors and indiscretions and reveal how you survived to tell the tale.

Thats just one of 16 innovative and experimental sats that launched Sunday Japans Aerospace Exploration Agency (JAXA) is celebrating after the successful Sunday launch of its Innovative Satellite Technology Demonstration No. 4, which is packed with 16 intriguing payloads.

PLUS: Drugs found in ink cartridges; Chinse censorship fighters criticize Vultr; Coupang CEO resigns; And more! Asia In Brief A SpaceX executive has claimed that a Chinese satellite launch came within 200 meters of hitting a Starlink satellite.

PLUS: Crims could burn your AI budgets thanks to weak defaults; CISA's top 25 vulns for 2025; And more Infosec In Brief The UK's National Cyber Security Centre (NCSC) has found that cyber-deception tactics such as honeypots and decoy accounts designed to fool attackers can be useful if implemented very carefully.

SPhotoix moves its 5D Memory Crystalcold storage tech closer to deployment in data centers After decades of research and development, humanity finally has a data storage medium that will outlast us.

CEO warns airlines that dont learn to sell themselves to machines could soon be flying under the radar British Airways' chief executive has warned that the airline industry is fast heading for a future where AI agents, not humans, decide which brands get booked and carriers that fail to adapt are at risk of quietly disappearing from the digital shop window.

Exploit hasn't been picked up by any malware detection engines, CEO tells The Reg A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager (RasMan) service now has a free, unofficial patch - with no word as to when Redmond plans to release an official one - along with a working exploit circulating online.

Critical vulnerabilities found in third-party applications eligible for award under 'in scope by default' move Microsoft is overhauling its bug bounty program to reward exploit hunters for finding vulnerabilities across all its products and services, even those without established bounty schemes.

And the earlier React2Shell patch is vulnerable If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Server Function source code, so anyone using RSC or frameworks that support it should patch quickly.

Executive order sidesteps Congress and sets up Litigation Task Force President Trump and his patrons in big tech have long wanted to block states from implementing their own AI regulations. After failing twice to do so in Congress, the US president has issued an executive order that would attempt to punish states that try to restrain the bot business.

Protests force disclosure of costs totaling $16,000 per student over 7 year rollout replacing 80 legacy systems The total cost of a Workday implementation project at Washington University in St. Louis is set to hit almost $266 million, it was revealed after the project was the subject of protests from students.

It's getting crowded up there Earth's orbit is starting to look like an LA freeway, with m

Bank sketches four scenarios in which monetization falters or demand swamps supply by 2030 Goldman Sachs warns that datacenter investments may fail to pay off if the industry is unable to monetize AI models, but hedges its bets by saying that demand could also overwhelm available capacity by 2030.

Justice Department alleges federal auditors were misled over compliance with FedRAMP and DoD requirements The US is suing a former senior manager at Accenture for allegedly misleading the government about the security of an Army cloud platform.

Competition Appeal Tribunal to decide if multibillion-pound overcharging case can go to trial Stop us if you've heard this one before. Microsoft is in court regarding allegedly sharp software licensing practices.

Rights groups say digital-only record is leaking data and courting trouble Civil society groups are urging the UK's data watchdog to investigate whether the Home Office's digital-only eVisa scheme is breaching GDPR, sounding the alarm about systemic data errors and design failures that are exposing sensitive personal information while leaving migrants unable to prove their lawful status.

Wiz says React2Shell attacks accelerating, ranging from cryptominers to state- linked crews Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters ranging from bargain- basement cryptominers to state-linked intrusion tooling.

Analysts say the shift offers stability, but embedded usage caps ensure vendors keep control Salesforce CEO Marc Benioff last week came closer to answering a multibillion-dollar question when he said seat-based pricing with some caveats was becoming the norm for its AI agents after flirting with pricing based on consumption and per-conversation payments.

Replacement rollout plagued by bad data and missing features, says watchdog Despite completing its rollout of a new case management system, Home Office caseworkers are still referring back to data in a 25-year-old legacy system when processing asylum claims, according to a public spending watchdog.

Getting that confession took hours, during which L1 and L2 support gave up On Call Welcome once more to On Call, the Friday column in which we share stories of tech support incidents that went pear-shaped until cunning Reg readers stepped in to save the day.