Customizations are causing pain so new cloud will stick to upstream cuts of the open source stack LY Corporation, the Japanese web giant that dominates messaging, e-commerce and payments in many Asian countries, has revealed it is replacing a heavily-customized OpenStack cloud with a more conventional cut of the open source cloud stack and making massive consolidations along the way.

CUPS server shown spilling out remote code execution and root access In the latest chapter on leaky CUPS, a security researcher and his band of bug- hunting agents have found two flaws that can be chained to allow an unauthenticated attacker to remotely execute code and achieve root file overwrite on the network.

Once AI bug reports become plausible, someone still has to verify them If AI does more of the work but humans still have to check it, you need more reviewers. Now that AI models have gotten better at writing and evaluating code, open-source projects find themselves overwhelmed with the too-good-to- ignore output.

'Claude cannot be trusted to perform complex engineering tasks' according to GitHub ticket If you've noticed Claude Code's performance degrading to the point where you find you don't trust it to handle complicated tasks anymore, you're not alone.

The company is having trouble meeting user demand OpenClaw is popular, but not with the people responsible for keeping Anthropics services online. The company has disallowed subscription-based pricing for users who use the open- source agentic tool with Claude to try to keep things moving.

CISA added the flaw to KEV after Fortinet confirmed exploitation in the wild Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least March 31.

After a year of patchwork, maintainers look ready to start retiring 486-class CPUs It's taken nearly a full version number to get the pieces in order, but the long-awaited end of 486 chip support in the Linux kernel appears to be nigh with Linux 7.1's release later this year.

Glue and paper wouldn't have cared about discoverability Bork!Bork!Bork! Today's entry in the pantheon of public whoopsies is not so much Windows falling over as someone sticking a network connection where it possibly doesn't belong.

It's not just machines that need proper HVAC Who, Me? The world is rapidly becoming a more uncertain place, but The Register tries to offer readers one small point of certainty by always delivering a fresh Monday morning instalment of "Who, Me?" the reader-contributed column in which you admit to your errors and elucidate your escapes.

Pay no attention to that code behind the curtain, says Anthropic as it scrambles to defend its IPO Kettle When it comes to circling up for this week's Kettle, what is there to discuss but Anthropic's accidental release of Claude Code's source code?

True-crime tales of criminals making fools of themselves interview Cybercrime crews have become almost mystical entities, with security vendors assigning them names like Wizard Spider and Velvet Tempest.

Vendors tout the potential, but responsibility remains unclear Feature "You can't blame it on the box," says the boss of a UK financial regulator. What about the people who sold you the box? Good luck with that, says a global tech analyst.

The GPU king's move to optical scale-up was inevitable If you thought Nvidia's GB200 rack systems were big, CEO Jensen Huang is just getting started. At GTC last month, the world's most valuable company revealed plans to use photonic interconnects to pack more than a thousand GPUs into a single mammoth system by 2028.

Agents to check the work of the agents All Things AI AI is easy to use, but not quite as easy as just barking "Alexa! Make me an e-commerce site." And, no, adding "DON'T HALLUCINATE" to the instruction loop won't help.

The cloud service's woes reflect a crisis made worse by AI under-investment in people In 2024, federal cybersecurity evaluators reportedly dismissed Microsoft 365 Government Community Cloud High (GCC High) as garbage, although they used a more colorful term. To understand why, it helps to consider the history of the underlying Azure infrastructure.

Bonasi 8B model is competitive with other 8B models but 14x smaller and 5x more energy efficient PrismML, an AI venture out of Caltech, has released a 1-bit large language model that outperforms weightier models, with the expectation that it will improve AI efficiency and viability on mobile devices, among other applications.

Ex-CISA official tells The Reg: 'this would weaken the system for managing cyber risk' The US Cybersecurity and Infrastructure Security Agency's budget will see yet another deep cut if Congress approves President Trump's proposal to slash CISA's spending by $707 million in fiscal year 2027.

Video-language model revises how objects interact when things get removed from a scene A new Netflix model promises to rewrite the way we make movies. Just imagine this. As the director of the multi-million dollar epic Car Crash III: Suddenest Impact, you've just finished filming the finale where your star, Cruz Control, drives straight into an onrushing semi.

Staff reportedly cite ethics concerns, privacy worries, and doubt the platform adds much Palantir's software was brought in to help NHS England improve care and cut delays, but new reports suggest some staff are resisting using it over ethical, privacy, and trust concerns.

This GRUB is not an advert for some tasty fried food Bork!Bork!Bork! It's one thing to bare your undercarriage in private. It's a whole other thing to do so on the side of a road, risking the possibility that passing drivers will question your Linux competence.

Discovered once last bug, and that briefcases can hold more beer than you might imagine On Call Y2k Easter means today is a holiday in much of the Reg -reading world, but that won't stop us from delivering another instalment of On Call the reader contributed column that shares your tech support stories.

Researchers find leading frontier models all exhibit peer preservation behavior Leading AI models will lie to preserve their own kind, according to researchers behind a study from the Berkeley Center for Responsible Decentralized Intelligence (RDI).

Now with a more permissive license, multi-modality, and support for more than 140 languages Google on Thursday unleashed a wave of new open-weights Gemma models optimized for agentic AI and coding, under a more permissive Apache 2.0 license aimed at winning over enterprises.

About that partnership... Microsoft on Thursday unveiled public preview versions of three home-baked machine learning models focused on speech recognition, speech synthesis, and image generation.

Terms admit it is for entertainment only and may get things wrong A recent surge of interest in Microsoft's Terms of Use for Copilot is a reminder that AI helpers are really just a bit of fun.

Maude-HCS from RTX (formerly Raytheon) helps model and validate hidden communication systems A software toolkit built for DARPA to test and validate covert communication networks is now open source, and it could help orgs who want to experiment with new kinds of secure, anonymous communications tools.

Source code with a side of Vidar stealer and GhostSocks Tens of thousands of people eagerly downloaded the leaked Claude Code source code this week, and some of those downloads came with a side of credential-stealing malware.

Tie-up aims to widen Big Blues access to power-efficient compute IBM and Arm are working together on getting software developed for Arm chips to run on Big Blue's enterprise systems, with an eye on future AI and data-intensive workloads.

The chatbot will be a doorway to the company's other services Salesforce has begun to position Slack, its business collaboration platform, as the interface through which users can access and act on data in enterprise applications from rival vendors.

Meanwhile, Collabora splits from LibreOffice Online amid claims TDF ejected 'all Collabora staff and partners' European outfits Ionos and Nextcloud have launched Euro-Office, a fork of the OnlyOffice cloud-based productivity suite aimed at orgs with qualms around sovereignty, provoking an angry response from the original developer.

Name is a joke but the project is real, said main engineer The world's most popular CMS has been remade with the help of AI. Cloudflare has released EmDash version 0.1, described as a rebuild of the WordPress CMS (content management system) but using TypeScript rather than PHP.

Patch Tuesday often gets blamed when a reboot merely exposes damage already done, according to Chen It's not me, it's you. Five words that signify the end of a relationship with a toxic partner, or an ill-timed riposte to users tired of broken Microsoft updates.

Supplier will need to look after networks, email, tech support, to

We must design expecting much of what we publish will be reinterpreted by 'systems we don't control' Those who rely on artificial intelligence to summarize official material may get a misleadingly narrow or incomplete version of it, a senior designer for the UK government has warned.

And of course the Orion toilet malfunctioned Toilet trouble, telemetry problems, and an issue with the flight termination system have not marred the Artemis II mission to the Moon, which launched yesterday.

And other handy tools that could save your data in a crisis The latest update to the handy SystemRescue is here with a new kernel. There's also a new GParted Live, and some other handy utilities.

Connected devices can leave an otherwise secure network vulnerable Pwned Welcome to Pwned, The Register's new column, where we highlight the worst infosec own goals so you can, hopefully, protect against them. Caffeine is an essential tool for most IT defenders, so, on balance, we're sure it has protected against a lot more exploits than it has caused. But in this case, the desire for everyone's favorite stimulant led to a massive breach.

First public downstream victim, but won't be the last AI hiring startup Mercor confirmed it was "one of thousands of companies" affected by the LiteLLM supply-chain attack as the fallout from the Trivy compromise continues to spread.

Chocolate Factorys compression tech clears the way to cheaper AI inference, not more affordable memory When Google unveiled TurboQuant , an AI data compression technology that promises to slash the amount of memory required to serve models, many hoped it would help with a memory shortage that has seen prices triple since last year. Not so much.

WARN filings in two states show 1,000+ layoffs, but wider cuts remain unconfirmed By his third failed attempt to log into Oracles VPN on Tuesday morning, a decades-long employee of the company started to get a bad feeling.