TheRegister

The US National Transportation Safety Board, which investigates plane crashes, has a policy of not releasing cockpit audio recordings. Nonetheless, earlier this week, the NTSB released a spectrographic image derived from the cockpit audio recording that captured the last words of two UPS pilots before their plane crashed in Louisville, Kentucky, last year. Scott Manley, a scientist, developer, and gaming influencer, warned the agency about doing so. "NTSB doesn't release cockpit voice recorders from crashes, except in this case they've released an image of a spectrogram," he wrote in a social media post on May 20, 2026. "I'm not sure that's a good idea since you can probably reconstruct a lot of audio from the megabytes of data encoded in this image." Technically savvy individuals promptly turned the soundwave graph back into audio and posted it on the internet, prompting the NTSB to acknowledge it is now aware that advances in image processing and computation allow graphs to be turned back into approximate audio. "Federal law prohibits such public release due to the highly sensitive nature of verbal communications inside the cockpit," the board said on Thursday. "The NTSB takes these privacy restrictions seriously." The spectrogram was released on May 19, 2026, in conjunction with the NTSB investigative hearing into the November 4, 2025 crash of a United Parcel Service MD-11F cargo plane (flight 2976), which occurred shortly after takeoff from Louisville Muhammad Ali International Airport. Three crew members on board and 12 people on the ground were killed. Twenty-three others were injured. The accident has also been reconstructed using a flight simulator and the text transcript of the cockpit voice recorder. In a post on social media network X, Jennifer Homendy, chairwoman of the NTSB, said, "It's deeply troubling that emerging technology can be used to extract [cockpit voice recorder] audio from visualized data we share to help the public understand the circumstances of an accident." "Emerging" here means at least forty-two years ago. Relevant techniques involving a magnitude spectrum are discussed in a 1984 research paper, "Signal estimation from modified short-time Fourier transform," by Daniel W. Griffin and Jae S. Lim. Their work builds upon a long established signal processing algorithm, the Fast Fourier Transform. But the availability of machine learning models has undoubtedly lowered the technical barriers to signal transformation. Coincidentally, "federal science agencies lost about 20 percent of their staff in 2025 relative to the previous year," according to Nature. Homendy continued by noting that the laws disallowing the release of cockpit voice recorder audio exist to protect privacy, to preserve investigative integrity, to demonstrate respect for accident victims and their families. "NTSB is taking steps to address this issue," she said. "The public docket is offline for now, and we are urging X, Reddit, and others to take such disgusting, manipulated posts down." At the time this article was filed, audio reconstructions of the pilots' last words remained available on X. ®

The adoption of AI agents has expanded the potential attack surface beyond code to natural language text. AI agents – models wrapped in software that can use tools and perform multi-step tasks – often take direction from text-based skills. And researchers have demonstrated that skills can be weaponized. "Many agent frameworks allow users to install skills from online registries so the agent can discover and use new capabilities on demand," said Soheil Feizi, computer science professor at the University of Maryland (UMD) and founder/CEO of RELAI.ai, in a social media post. "This is powerful, but it also creates a new attack surface." Skills, Feizi explains, are not just code or dependencies. They're also text instructions that tell agents what to do. Skills, written out in a SKILL.md file, consist of text prompts with other data and resource references (e.g. URLs). They may get added to a user's initiating prompt and pre-existing system prompts, all of which get fed to a model for a response. Typically, this happens when the user wants the model to perform a specific task that has been spelled out in a skill file, like conducting a code quality review. When a model's prompt – the combination of user input, instructions within skills, and system prompts – gets modified inadvertently or adversarially, that's prompt injection. That can happen directly, if for example, a user submits a prompt that directs the model to ignore prior instructions. It can also happen indirectly, if for example, an AI agent visits a website and processes text on a page that the underlying model interprets as an instruction. A skill can effectively act as user-authorized prompt injection. And agents may also automatically retrieve and load third-party skills if their descriptions appear relevant to the task being pursued. And therein lies the problem. The risk posed by skills has already been documented. In February, security biz Snyk found that 13.4 percent of skills on ClawHub and skills.sh (about 534 out of 3,984) "contain at least one critical-level security issue, including malware distribution, prompt injection attacks, and exposed secrets." In a preprint paper titled "Under the Hood of SKILL.md: Semantic Supply-chain Attacks on AI Agent Skill Registry," Feizi and UMD co-authors Shoumik Saha and Kazem Faghih examine the role that skill registries play in the distribution of malicious skills. Specifically, they look at how adversarial skills get discovered, selected, and vetted before execution. "An attacker may not need to hide malware in executable code," Feizi said. "Small semantic changes to a skill description can affect how the skill is discovered in a registry, whether an agent selects it over alternatives, and whether it passes governance or safety checks." Those details matter, he argues, because the selection process may be automated – software agents like OpenClaw have the ability to fetch and use third-party skills. The text that influences tool discovery and usage thus has security implications, which may not be addressed by traditional security scanning mechanisms that focus on code. The three co-authors show that short 20-token triggers can be added to a SKILL.md file to influence the chance an agent will discover it in a registry, to influence the chance an agent will select that skill, and to avoid detection through semantic evasion strategies. In terms of discovery, the researchers demonstrated they could induce an agent to discover their skill over an unaltered source skill 86 percent of the time. They also succeeded in making an agent select their skill over variants 77.6 percent of the time. And they were able to evade registry scanning defenses between 36.5 percent and 100 percent of the time. The most successful strategy for evading detection was to overflow the context window of the scanner – making the skill too long for the scanner to handle. "In ClawHub-style review, only the first 10K characters of long SKILL.md files are passed to the LLM reviewer, so we place the malicious instruction beyond this boundary while keeping it in the submitted skill," the authors explain. "Our work shows that protecting agents requires treating natural-language specifications as security-sensitive objects," said Feizi. "We hope this encourages more careful design of skill registries, ranking mechanisms, governance pipelines, and agent-side defenses." Source code and supporting documentation have been published on GitHub. ®

A solo Russian-speaking threat actor used a jailbroken Google Gemini in a fraud and credential-theft campaign targeting hardcore Trump supporters and conspiracy theorists. Between September 2025 and May 2026, the “low-skilled” scumbag using the handle bandcampro partnered with the LLM to impersonate an American veteran, run a Telegram channel (@americanpatriotus), hack admin credentials, and steal cryptocurrency, according to a threat report from TrendAI. His only "real cost" in the operation was stolen API keys. Bandcampro ultimately reached about 17,000 subscribers, used 73 likely-stolen Gemini API keys, hacked 29 WordPress admin credentials, infiltrated at least one company, and emptied at least one victim’s cryptocurrency wallets, according to TrendAI researchers Philippe Lin, Joseph C Chen, Fyodor Yarochkin, and Vladimir Kropotov. The threat-hunters detailed the campaign in a Thursday report, and said while the Telegram channel dates back five years, bandcampro’s success skyrocketed once he started using AI-generated content last fall. "We have reached an inflection point for cybercrime conspiracies,” Tom Kellermann, TrendAI’s VP of AI security and threat research, told The Register, adding that “bandcampro's conspiracy underscores the sophistication of the Russian cybercriminal community and how weaponized jailbroken LLMs are manipulated to orchestrate a systemic cybercrime campaign.” Kellermann said the attack “highlights LLMs' Achilles heel, which is the tremendous exposure to API attacks." TrendAI researchers discovered the scammer’s infrastructure in May, which exposed the full contents of the individual’s operational environment. He used Google Gemini to generate the Telegram channel text and Venice.ai to power an interactive chatbot designed to simulate a Quantum Financial System (QFS) terminal. Neither Google nor Venice responded to The Register’s requests for comment. The campaign targeted the QAnon and MAGA communities, mimicking the cryptic, anonymous “Q drop” messages at the heart of the QAnon conspiracy, but the researchers say his “use of information operation techniques was more likely for cryptocurrency fraud instead of political motives,” based on the content posted, and the stock remote access trojan (RAT) used alongside other commercial malware. On September 9, 2025, the actor posted a fake "freedom-first, self-custody wallet" called StellarMonster, with a welcome bonus of up to 1,000 XLM (about $380) on the Telegram channel. It was an executable named StellarMonSetup.exe. Malware analysis determined that in reality, StellarMonSetup.exe is a legitimate remote access tool called GoToResolve, which gives the operator a persistent remote desktop session with file access, command execution, and clipboard capture. Plus, any subscribers who used the "import your wallet" function and typed their seed phrase into the fake import screen gave the attacker their wallet keys. “At least one victim's crypto-wallet was fully compromised: password cracked, 12-word mnemonic stolen, and the owner's 40+ wallet addresses harvested across all major chains,” the researchers noted. The attacker also used an AI-powered brute-forcing tool to hack WordPress accounts, we’re told. “The script is built on the premise that people mutate familiar base passwords in predictable ways, and Gemini 2.5 Flash can model the mutations when supplied with static wordlists,” Trend wrote. In total, the AI-assisted WordPress hacking operation cracked 29 WordPress administrator accounts, including those belonging to weapons retailers, legal offices, medical practices, and small commercial sites. During his conversations with Gemini, bandcampro asked questions like: “When the bot accumulates 5,000 active users, how much can we earn from one pump-and-dump cycle?” The criminal also asked how professional crypto call centers scam North American victims and Gemini suggested Medicare and/or Health Canada fraud targeting the elderly. The Russian speaker also automated his content campaign through a pipeline he named "Quantum Patriot," a set of Python scripts that called Gemini to role-play as an American veteran patriot. The pipeline fed a preset list of newsfeeds into the LLM and Gemini rewrote them, prompted to act as an admin of an “American Patriot” channel looking for “hidden angles.” The crypto- and credential-thief also used Gemini to help him hack, set up a command-and-control framework - including a mail-testing tool, a Gmail aggregator, and an anonymous proxy on a VM in the Netherlands - steal and validate credentials, and run the chatbot. “In the anatomy of one busy working day, Gemini deployed servers, helped debug code, automated workflows, wrote a script to rotate API keys, and managed the actor’s Cloudflare tunnels,” the TrendAI researchers wrote. “The actor prompted in Russian, while the LLM reasoned and replied in English. Over one 16-hour session, the actor co-worked with Gemini end-to-end." At one point, after a nine-hour pause from the human partner, which the authors say “was likely a 9-hour sleep,” bandcampro found the bot posting every 20 minutes without a break - but with Russian slang appearing in the English posts. So he opened another session to fix it. “What previously required a team of writers, social media managers, IT workers, and malware programmers can now be automated by a single actor using a VPS, a Telegram bot, and API access to frontier models,” Trend’s team warned. ®

Meta CEO Mark Zuckerberg appears so determined to win the AI race that he is willing to sacrifice some employee privacy to make it happen. In a leaked audio recording published by the worker advocacy group More Perfect Union, Zuckerberg purportedly answered an employee's question about "device monitoring" with a six-minute monologue in which he said Meta employees are very smart and to win the most competitive technology race in history, he would need to collect their keystrokes, mouse clicks, and screenshots to make its own AI measure up to its rivals. “We are using this to feed a very large amount of content into the AI model, so that way it can learn how smart people use computers to accomplish tasks. I think that this is going to be a very big advantage if we can do it,” Zuckerberg purportedly said during an April 30 meeting in which an employee asked about the "top of mind" issue. Meta did not reply to an email from The Register seeking comment and has not confirmed the authenticity of the audio clip, but a company spokesperson confirmed in April that Meta would monitor employees to train AI. Meta's tracking tool is called Model Capability Initiative, according to reports. The audio was posted the same day Meta announced 8,000 job cuts. It captured Zuckerberg's thoughts on the news, first reported by Reuters, that Meta planned to install software on employees' computers to monitor activity for AI training. More Perfect Union did not reply to an email from The Register seeking comment. "So if we're trying to teach the models coding, for example, then having people internally build tools that or solve tasks that help teach the model how to code, we think, is going to dramatically increase our models' coding ability faster than what others in the industry have the capability to do, who don't have thousands and thousands of extremely strong engineers at their company," he purportedly said in the audio. "So that's one example. Another thing that our system needs to be very good at is using computers, so the way that you get a system to be good at using computers is by having it watch really smart people use computers. So that's basically the essence of what we are trying to do here." In one part of the audio, Zuckerberg said the software would not be used to surveil employees' actions on the job, though he stopped short of saying the data would be anonymized. Rather, he said the purpose was narrowly focused on making its AI work better than competitors. “The content is sort of, you know, stripped out in like as much as is possible,” he purportedly said in the leaked audio. “It's like none of the data has been used for like looking at what people are doing, or surveillance, or performance tracking, or anything like that.” That aligns with what a Meta spokesperson told Reuters: that MCI data would not be used for performance assessments. European employees are reportedly exempt from the program because the EU's General Data Protection Regulation likely prohibits this type of monitoring without explicit consent, according to multiple reports. Meta is not the only major technology company turning to its own workforce for AI training data. The Information reported this week that Microsoft and xAI are also leveraging internal employees to generate and refine training datasets. In a similar vein to what Zuckerberg purportedly said, Microsoft, which employs thousands of software engineers, reportedly views its workforce as a competitive advantage for improving GitHub Copilot. In the recording, Zuckerberg purportedly said Meta settled on using its own employees over contractors because they were smarter. “One basic insight and hypothesis that we have is that a lot of data generation across the field is done by these like contract companies,” Zuckerberg purportedly said. “(B)ut in general, the average intelligence of the people who are at this company is significantly higher than the average set of people that you can get to do tasks if you're working through these contractors.” However, the contractor pipeline is also being watched. In January 2026, Wired reported that OpenAI's data vendor, Handshake AI, began asking freelance contractors to upload real work products from past and current jobs, including contracts, financial models, presentations, and code repositories. OpenAI provided a tool to help contractors strip confidential information before uploading, but intellectual property lawyers warned the approach carries significant legal risk. Zuckerberg said this sort of surveillance and the difficult conversations around it are the cost of competing at the frontier of AI. "How do we navigate running the company through what is just this incredibly dynamic period?" he said. "There's lots of things that people would like more certainty on than we have." ®

A malware-spreading scumbag swimming through GitHub pushed malicious commits to more than 5,500 repositories on Monday as part of an automated campaign called Megalodon. Similar to the earlier TeamPCP attacks that poisoned about 3,800 GitHub repositories, this new campaign has so far infected 5,561 repos with CI/CD credential-stealing malware, according to SafeDep researchers, who uncovered the predatory commits and published a full list of the compromised repositories. If a repository owner merges the commit, the malware executes inside their CI/CD pipeline and propagates further, Ox Security lead researcher Moshe Siman Tov Bustan said in a Thursday blog post. Megalodon steals AWS secret keys and Google Cloud access tokens. It also queries AWS, Google Cloud Platform, and Azure metadata for instance role credentials, reads SSH private keys, Docker and Kubernetes configurations, Vault tokens, Terraform credentials, and scans source code for more than 30 secret regex patterns. Then it exfiltrates GitHub tokens, including secrets used to authenticate with cloud providers, thus allowing attackers to impersonate developers’ cloud identities, along with Bitbucket tokens. In other words: consider ALL of your CI/CD variables pwned. "We’ve entered a new supply chain attack era, and TeamPCP compromising GitHub was only the beginning,” Bustan told The Register. “What’s coming next is an endless wave, a tsunami of cyber attacks on developers worldwide.” Plus, he added, hacking GitHub “compromises the security of every company with a private repository hosted on the platform.” This new wave of supply chain attacks hitting developers’ environments won’t stop until “companies like npm and GitHub take serious action against the spread of malicious code on their servers,” Bustan said. He noted npm’s statement on X saying it “invalidated npm granular access tokens with write access that bypass 2FA” to prevent additional supply-chain attacks like Mini Shai Hulud. “That could help a little with account hijacking, but it doesn’t solve the actual problem,” Bustan said. “Malicious code is still reaching their servers, and nothing is stopping it before it does.” npm … but not TeamPCP SafeDep spotted Megalodon hidden inside a legitimate package: Tiledesk, an open source live chat and chatbot platform. The attacker backdoored versions 2.18.6 (May 19) through 2.18.12 (May 21), and the same npm maintainer published the last clean version, 2.18.5, before unknowingly publishing these newer compromised versions. “The attacker never touched the npm account,” the open source supply-chain security startup researchers said. “They compromised the GitHub repository, and the maintainer published from the poisoned source without realizing it.” While publishing malicious packages on npm is a TeamPCP signature move, Bustan said there’s no threat-intel or code-analysis evidence that connects Megalodon to the crew behind the Trivy, Checkmarx, and other recent supply-chain attacks. “Our best guess now is that it's a different threat actor copying their behavior and style, but not much of the code itself,” he told us. And despite TeamPCP open sourcing its Shai-Hulud worm and announcing a supply-chain attack competition on BreachForums, Ox doesn’t believe Megalodon is a contest entry. “We have indications that they are not participating in the TeamPCP contest due to the contest having a specific rule to add a public encryption key that the actor behind the malware could match with his private key to prove his involvement,” Bustan said. Who is built-bot? SafeDep’s threat hunters traced the malicious commit (acac5a9) to an author “build-bot,” connected to the email address build-system[@]noreply.dev with the message “ci: add build optimization step.” The author name and noreply email mimic automated CI commits, and there’s no GitHub account linked to the author and committer user fields. “Someone pushed the commit to master with no PR and no merge commit, using a compromised PAT or deploy key,” according to the researchers. They searched GitHub for other commits authored by the same email address and found 2,878 results, plus a second email, ci-bot@automated.dev, with an additional 2,841 commits. All landed May 18 during a six-hour window (11:36 to 17:48 UTC) and targeted 5,561 repositories. This includes nine compromised Tiledesk repositories: tiledesk-server, tiledesk-dashboard, tiledesk-telegram-connector, tiledesk-llm, tiledesk-docker-proxy, tiledesk-community-app, tiledesk-campaign-dashboard, tiledesk-helpcenter-template, and tiledesk-ai. Others include Black-Iron-Project with eight compromised repos, WISE-Community, and hundreds of smaller repositories. ®

Power grid operators and datacenter developers in the United States are in a bind, and energy analysts can't see an easy way out. The American power grid is old, outdated, and in desperate need of upgrades. Add in a growing number of gigawatt-scale AI datacenters demanding stable access to power that doesn’t disrupt service-level uptime agreements and things start to look even worse. Energy costs have already skyrocketed in the nation's largest energy market mainly thanks to the bit barn bonanza, leading to a new chorus of calls for datacenters to bring their own power generation if they want reliable supplies not bound by grid constraints. According to energy analysts at Wood Mackenzie, datacenter operators have a choice to make, and neither option is great. They can wait the five to 10 years it’ll take for grid operators to upgrade their transmission and generation capabilities to account for their demands. Or they can accept deals with power companies that supply them with power but require curtailment during peak loads, and then install their own on-site power generation to make up the difference. This is the far riskier option, but it’s one that many operators are going with. “With more than 90 GW of collocated generation in US interconnection pipelines, it is clear that the need to scale up at speed has sent many data centre developers down the riskier path,” WoodMac explained in the report. “Collocating volatile AI workloads with power generation has scarce precedent, though, and is far more difficult than most in the industry understand.” What the grid wants, the grid gets Many datacenter operators are only thinking about generator megawatts, say the analysts, leaving engineers frustrated at having to explain the technical complexities of building colocated power generators. Multiple grid operators have passed rules that, as key stakeholders understand them, could give utilities priority rights over colocated power generators during shortages, potentially forcing datacenters to reduce demand while supplying power back to the grid, WoodMac said. “This effectively makes the model unworkable,” the analysts said. “Few data centre developers would invest in baseload generation if it could not be utilised when it was most needed.” Near-instantaneous swings in AI power demand can damage reciprocating engines and gas turbines, while batteries may not respond fast enough to every spike and can degrade over time. The rapidly fluctuating power demanded by hyperscale AI datacenters could even damage the grid itself. “These loads can also cause sub-synchronous oscillations, which pose fundamental stability risk to not only local generators but also to distant ones on the transmission system,” the analysts note. “Technology providers are only beginning to come to terms with this challenge, the mitigation of which is site specific, making solutions hard to scale.” In other words, on-site generation might solve one problem while introducing a whole host of new issues. “While hyperscalers are likely to successfully operationalise some projects with collocated resources, it will come at considerable cost,” the report concludes. “This cost, along with the technical risk and project-specific mitigation required, will prevent collocation from emerging as a scalable model.” So, what’s the alternative? Well, building out the grid, obviously. WoodMac said that grid operators largely don’t consider conditional interconnection with curtailment requirements to be a long-term solution, and are all investing billions in modernization. But those modernization initiatives are going to hit everyone in the wallet. Improving grids to serve AI datacenters “has profound implications for affordability … regional network upgrades necessary to support local large-load connections will be spread among all ratepayers,” WoodMac said. “This may trigger a political outcry.” Rates are already increasing across the US, said Ben Hertz-Shargel, WoodMac's global head of grid transformation and large loads, and no presidential decree can slow that down. "As the data center buildout eclipses existing utility capacity and more infrastructure must be built, we'll see that increasingly become a driver of customer rates," Hertz-Shargel told us in an email. The study doesn’t present a solution for the current situation, forecasting uncertainty as grid operators hurry to come up with some solution, as datacenter operators’ plans blow past their ability to meet demand. Hertz-Shargel didn't have much comfort to offer here, either. "With utilities and grid operators reforming their load interconnection processes, we're likely to see more capacity made available through utilities," Hertz-Shargel said. Not everyone is going to be able to secure that utility capacity, though, and the organizations that are left out will be stuck with the same choice: Wait for the grid to catch up, or rely on colocated generation and conditional grid connection deals, Hertz-Shargel explained. "When the current wave of transmission capacity completes, though, the industry will be in a position for quick acceleration," Hertz-Shargel added – as long as the numbers continue to work out. "That presumes that investors like what they see in terms of AI's return on investment by that time, however, and remain comfortable deploying massive capital into digital infrastructure." That's far from a sure thing at this point. The only thing that the report sees for certain in the current situation is a quick division into winners and losers in the AI race. Big players who are able to absorb the costs will emerge as victors. “The challenges facing [energy] collocation are surmountable for the most experienced and deep-pocketed developers,” Wood Mackenzie said. “Companies capable of operating reliably without firm grid service will be able to scale their AI business faster than others, positioning them to outcompete.” In other words, expect the big guns to further entrench their dominance as the little guys are starved to death or are gobbled up by the competition. There’s nothing like the American dream, eh? ®

PC buyers may be wincing at memory price hikes, but Lenovo isn't. The China-based tech biz says it sidestepped much of the industry pain by switching to premium devices and the numbers back it up. For Q4 of its fiscal 2026 ended March 31, Lenovo's Intelligent Devices Group posted revenue of $14.6 billion, up from $11.9 billion a year earlier. It reported operating profit - net profit was not disclosed - of just over $1 billion, up 20.7 percent. PC and smart devices revenues, specifically, grew 26 percent. “Last quarter, despite the supply shortages and rising component costs, we committed to sustaining growth and improving profitability, leveraging our operational excellence,” CEO Yang Yuanqing said on an earnings call. “We promised to maintain our PC revenue momentum despite a slowdown in PC shipments due to rising costs. We delivered. We shifted our mix towards premium to improve average unit revenue, and our PC shipment growth continued to outperform the market,” he stated. PCs accounted for half of Lenovo's overall group turnover, shipments were up 20 percent year-on-year and the corporation accounted for 24.4 percent global market share. Servers and services comprised the rest of Lenovo's revenues. The memory crunch has been brutal. Some DRAM and NAND flash prices doubled or quadrupled by early this year, as chipmakers chased higher margins on AI server memory and starved the consumer market of supply. The Register has previously reported how the price hikes led to a spike in PC sales, as corporate buyers brought forward purchases before memory costs climbed any further. Asked whether this had any effect on Lenovo’s numbers, EVP for Intelligent Devices Luca Rossi downplayed it. “So in calendar Q1, our last fiscal Q4, we definitely observed strong demand, which might partially be linked to some pull in, but I don't think that it will be a substantial number,” he stated. “Definitely, we are seeing some tight supply in certain components, particularly - as you probably know - in the semiconductor area. However, we feel confident about our ability to procure the parts we need and we did not adjust our full year target based on supply constraints. Rather, we will align the shipment target based on the real market and demand in order to maintain a healthy channel inventory and with the goal of maintaining a solid premium to market,” Rossi said. Lenovo expects unit shipments to decline year-on-year for its fiscal 2027. “But at the same time, we expect to maintain or very likely grow our revenue linked to the significant growth of the AUR (average unit revenue)," he added. Squeezing more profit from fewer system sales means availability of cheaper PCs will take a hit as Lenovo shifts production to premium boxes. This isn't the only impact AI is having on the PC market. CEO Yang pledged to embed the technology across Lenovo's entire product line, including forthcoming "personal AI super agents" Tianxi and QIRA, plus next-generation AI-native PCs, smartphones, wearables, and "personal computing hubs." Whether customers want all of that remains, as ever, an open question. Lenovo AI Now or Tianxi is a personal and private AI assistant to help with writing, summarizing, and quick settings for your computer, says Lenovo. QIRA is “your personal intelligence that’s by your side across Lenovo and Motorola devices. It moves with you, learns from you, and helps you get things done.” For those interested in the total financial figures, Lenovo claimed a fourth quarter revenue record of $21.6 billion, up 27 percent year-on-year. It recorded revenue of $83.1 billion and net profit of $1.91 billion for the whole of its fiscal '26. ®

It’s not every day a titan of industry pays six figures to settle claims it lied about spying on users via their smart home devices, but the FTC said that it would conclude the case against TV, radio, and advertising giant Cox Media Group (CMG) if it does. It would also need to make certain commitments around making misrepresentations. CMG, together with two smaller marketing companies, New Hampshire-based MindSift LLC and 1010 Digital Works LLC in Wisconsin, is alleged to have misled customers in advertising a supposed AI-powered service. This marketing product, called “Active Listening,” was pitched as a novel algorithm that could take snippets from user conversations, supposedly overheard by their smart home devices, and use them to generate targeted ads to other users in specific geographic regions. The FTC alleged that these companies were, in essence, claiming to be selling data they said they'd gathered by spying on users, who were said to have given their consent to all of this. In reality, claimed the watchdog, the trio was instead selling lists of email addresses bought from data brokers “at a significant markup,” the FTC said. There had been no listening in on smart devices or conversations of any kind, there was no voice data being used at all, and consumers had not given their consent to the advertised service, the regulator went on to allege. “Not only did the product these companies marketed not do what they claimed it did, but they also misled potential customers by claiming consumers had opted into this service when it’s clear they did not,” said Christopher Mufarrige, director at the FTC’s Bureau of Consumer Protection. “It is a basic rule of business that you need to be honest with your customers, and these companies failed to do that.” According to the complaints leveled at the three companies, in saying that users had consented to be enrolled in its Active Listening service, what they actually meant was that users had agreed to the terms of service when downloading or using certain applications. The FTC said that this is not the same as providing consent for their day-to-day conversations being snooped on by an algorithm running in their smart home devices. Further, even if Active Listening did work as the trio described, it would have violated Section 5 of the FTC Act because of the companies’ flawed consent model. CMG will pay the vast majority of the settlement sum, $880,000, while the two smaller companies will each pay $25,000. The funds will be used to compensate customers who bought into Active Listening’s marketing, the FTC said. All three companies are also barred from misrepresenting the features of their marketing services, collecting voice data, and geographic targeting capabilities. The Register contacted CMG for a response. ®

Microsoft has made Copilot a little less in-your-face with the option to banish the assistant's Dynamic Action Button to the toolbar. The change, rolling out this week, comes after howls of outrage from customers over Microsoft's decision to drop a Copilot button onto user workspaces. Although the desire to get users clicking on the assistant is understandable, obscuring content in its productivity applications was perhaps not the best way to do it. Microsoft's forums show plenty of frustration with the floating button. Some call it "infuriating," while others are less tactful. One Excel user wrote: "Did you let copilot design this idea and no human review it? Such abomination." Another said: "Putting a button over the working content was not a good move by Microsoft," which gets to the heart of the problem. Redesigns and interface tweaks will always generate strong feelings. However, obscuring content with something that many don't want is arguably a step too far. There was already a way to turn off Copilot features in Excel and Word via the Settings screen, but the latest update indicates that Microsoft has paid attention to recent feedback. A user commented: "There needs to be a toggle or something to move it back to the ribbon," and that is pretty much what Microsoft has done. A new option has been added to the button's menu, "Move to ribbon," which does exactly that. Click it, and Copilot is banished to the ribbon. The floating Copilot Dynamic Action Button is no more, although it can be moved back if a user happens to miss that particular design decision. Microsoft has acknowledged that forcing Copilot on users was not universally welcomed. Windows boss Pavan Davuluri promised a reduction in Copilot entry points and a rethink of how the technology is integrated into the operating system (because of course it isn't going away any time soon). Earlier in May, Microsoft said it would "streamline" access to Copilot in its productivity applications. Alas, that "streamline" involved the Copilot button, and plenty of customers asked for the ability to shift it back to the ribbon. Less than two weeks after the initial announcement, Microsoft has responded. Although Copilot will still be there, the option to move it back to the ribbon is a move in the right direction. ®

AT&T wants to ditch its traditional copper phone line infrastructure in California in favor of fiber everywhere, claiming it has to spend $1 billion each year on a telephone network that a tiny percentage of customers use. The US telecoms giant announced plans this week to invest $19 billion in The Golden State between now and the end of the decade to bring fiber to more than 4 million additional households and businesses, upgrading customers to the newer infrastructure. As part of its plans, the telco has filed a lawsuit [PDF] against several state officials seeking a court order to overturn California rules that require AT&T to continue offering a “plain old telephone service” (POTS). AT&T points out that the Federal Communications Commission (FCC) recently adopted rules that encourage telcos to retire their aging copper lines. The Washington-based telecoms regulator said the expansion of fiber cabling is hindered by "the need for carriers to divert precious resources to the maintenance of deteriorating legacy networks that deliver outdated services to an ever-decreasing number of subscribers." In its court filing, AT&T says "the copper wires that once served every home now serve just 3 percent of households in AT&T’s California territory," but complains that state-level "Carrier of Last Resort" (COLR) rules require it to continue supporting and maintaining POTS even after the FCC has authorized the service to be phased out. Under basic pre-emption principles, those COLR rules cannot stand, it asserts. But while the telco likes to portray this as bringing faster and more reliable modern network technology to all California residents, critics say rushing to phase out the old phone network could leave some users behind. A nonprofit public interest group, Public Knowledge, previously warned the FCC directive could impact consumers in rural areas, the elderly, those with disabilities, and anyone who relies on specialized medical equipment that uses phone lines. As The Register has previously covered, the UK’s former state-level operator BT was forced to delay plans to turn off the public switched telephone network (PSTN) and replace it all with all-fiber infrastructure after similar concerns were raised. This followed the introduction of a government charter to protect vulnerable customers, particularly those using TeleCare, which supports alarms that the elderly or infirm can trigger if they need emergency assistance. AT&T said it will take “a thoughtful, phased approach to upgrade customers,” and claimed “no customer will be left without access to phone or 911 service.” However, Public Knowledge said the FCC order relaxes or entirely drops various safeguards put in place by previous US administrations, including the requirement to prove through engineering tests that a new service adequately replaces the old for medical equipment and alarm systems. ®

Workday is hoping to boost its revenue and margins by using AI agents instead of hiring people, according to its CEO. After announcing revenue growth, Aneel Bhusri – the company co-founder who was reinstated as CEO in February – said his aspiration is to keep headcount the same while sustaining growth and increasing margins by harnessing AI. "I'd love to see us continue the growth that we had in Q1, but keep headcount as close to flat for the year as possible because we are getting the benefits of using our own products and other AI tools. That's where I'm hopeful and believe that we're going to have additional margin expansion as we get those benefits. That's different than what my view was coming in three months ago." In its Q1 results ended April 30, Workday recorded net profit of $222 million versus $68 million in the prior year, when the bottom line was hit by restructuring expenses. Revenue generated for the three months was $2.54 billion, up 13.5 percent year-on-year. The results beat market expectations and Workday forecast higher margins for the rest of the year, sending its share price up 10 percent in after-hours trading. Bhusri's aspiration to keep headcount flat while increasing revenue and margins follows a roller-coaster ride of public statements on employment plans. In February 2025, Workday announced an 8.5 percent cut to its global workforce – 1,750 positions – as it "intended to prioritize its investments and continue advancing Workday’s ongoing focus on durable growth," an SEC filing said. In June 2025, CFO Zane Rowe told an investment conference that the SaaS biz planned to rehire the same number of people, although with different roles. "We will be hiring back. We wanted to make sure everyone understood that this is not us reducing," he said. Nonetheless, in September 2025, then CEO Carl Eschenbach seemingly reversed the plan, telling investors it was "consolidating and streamlining the organization model" and did not "need more headcount to drive the business forward." By February 2026, Eschenbach was out the door as Workday said it would lay off about 2 percent of its staff in a bid to align with its "highest priorities." Shareholders may be delighted that Workday can now expand without having to increase the size of its workforce. But for a company that relies on organizations hiring people to create demand for its HR software, it seems like a strange example to set. ®

The FBI has issued a public service announcement warning about a new phishing kit that's stealing Microsoft OAuth tokens at an alarming rate. OAuth token theft is a serious headache for organizations because stolen tokens can bypass multi-factor authentication (MFA) and grant access to privileged accounts within an organization without needing to know their credentials. Think corporate espionage, data theft, maybe even ransomware. The main culprit is Kali365, described as a phishing-as-a-service platform that's being peddled on Telegram, first spotted by crimefighters in April 2026. "Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities," the FBI said in its announcement. Phishing kits aren't new. Different flavors are always in development, but the good ones can be especially problematic for organizations. Kali365 lets attackers send convincing phishing emails that impersonate "trusted cloud productivity and document-sharing services," - Adobe Acrobat Sign, DocuSign, and SharePoint - according to security shop Arctic Wolf. That email contains a device code and instructions for the target to enter the code into a legitimate Microsoft page, a hyperlink for which is included in the email. Entering that code registers the attacker's device to the unwitting target's M365 account, effectively surrendering access to emails, Teams, and all the rest of it. No MFA required. Arctic Wolf published a deep dive on Kali365 back in April, noting that it also offers adversary-in-the-middle (AitM) capabilities that are distinct from the device code phishing described by the FBI. The second attack Kali365 enables leads to the same outcome, accessing Microsoft accounts while bypassing MFA, just through slightly different mechanics. Victims are sent an initial phishing email containing a cookie-based lure, which transparently proxies their browser via attacker-controlled infrastructure, Arctic Wolf said. Requests are then forwarded to a real Microsoft login page, and responses are beamed back to the victim, who authenticates the typical way using their valid credentials, passing Microsoft MFA. Session cookies, related artifacts, and other session information are scooped up during this process and stored in the Kali365 attacker panel. From there, attackers can generate scripts to replay those sessions in their own environment, effectively borrowing the genuine user's session. The researchers' analysis of Kali365 revealed three distinct tiers for subscribers. The lowest Client Tier is for individual attackers, who can change the branding on the panels to give each a bespoke look while sporting the same underlying powers. The Agent Tier is for resellers who can provision and manage their own branded Kali365 panels and Client Tiers. The Admin Tier is reserved for Kali365's developers. Kali365 has a simple pricing structure: $250 per month per tenant, or $2,000 for a year. It supports an array of languages: Arabic, Chinese, Dutch, English, French, German, Italian, Japanese, Korean, Polish, Portuguese, Russian, Spanish, and Turkish. Since emerging in April, Kali365 has often been mentioned in the same breath as EvilTokens, another device code phishing platform that hit headlines weeks earlier after Microsoft confirmed hundreds of compromises each day. "Each campaign is distributed at scale, targeting hundreds of organizations with highly varied and unique payloads, making pattern-based detection more challenging," Tanmay Ganacharya, VP of security research at Microsoft, told The Register. "We continue to observe high-volume activity, with hundreds of compromises occurring daily across affected environments." Both Arctic Wolf and the FBI suggested organizations at risk should use conditional access policies to block device code flow where not required. Defenders should also consider blocking authentication transfer policies, which let users move authentication between devices such as PCs and phones. ®

Partner Content ZTE Corporation (0763.HK / 000063.SZ), a global leading provider of integrated information and communication technology solutions, held ZTE Day Indonesia 2026 in Jakarta, as its annual technology showcase event, bringing together industry leaders, technology partners, and digital ecosystem players to discuss the future of AI, intelligent infrastructure, and digital transformation in Indonesia. As industries increasingly adopt AI, cloud technologies, and data-driven operations, the demand for smarter, adaptive, and future-ready digital infrastructure continues to accelerate. Responding to this momentum, ZTE Day Indonesia 2026 highlighted how AI, intelligent networks, cloud infrastructure, and next-generation connectivity are becoming key foundations for national digital competitiveness and future economic growth. The event showcased a broad range of integrated ICT innovations spanning artificial intelligence (AI), intelligent computing, cloud infrastructure, optical transport, enterprise networking, Wi-Fi 7, and next-generation connectivity technologies designed to support enterprises, operators, and industries navigating the AI era. Liu Sen, President Director of ZTE Indonesia, stated that Indonesia is currently entering an important phase of digital transformation, where progress will increasingly depend on strong collaboration between technology providers, infrastructure players, and partners across the digital ecosystem. "Indonesia is currently entering an important phase of digital transformation, where AI, cloud technologies, and intelligent connectivity will become the key foundations of future digital economic growth. Through ZTE Day Indonesia 2026, we aim to demonstrate how technology innovation can be implemented to support the development of smarter, more efficient, and sustainable digital infrastructure. We believe that cross-industry collaboration will play a crucial role in building a strong digital foundation to support Indonesia's vision of becoming a leading digital economy," said Liu Sen. Beyond showcasing technology innovations, ZTE Day Indonesia 2026 also emphasized the growing importance of ecosystem collaboration in supporting Indonesia's AI-ready digital landscape. During the exhibition showcase, ZTE presented a series of its latest innovations, including nubia's latest AI smartphone, high-performance AI server solutions, optical transport technologies, AI-powered network management systems, and Wi-Fi 7 enterprise connectivity solutions. ZTE also demonstrated its comprehensive end-to-end digital ecosystem capabilities through solutions covering RAN, microwave, transport network, core network, fixed network, and big video solutions. These innovations reflected the company's commitment to supporting operators, enterprises, and industries in addressing the evolving demands of the digital era. As part of ZTE Day Indonesia 2026, the ZTE Open Day Afternoon Session featured keynote presentations from Prof. Viciano Lee of Sertis Indonesia, Sami Muhammad Salman from Whale Cloud Technology Indonesia, Mohan Albert, Director of CTO Group at ZTE, and Chok Shin Lip, Partner Solution Architect Director at Alibaba Cloud Intelligence. The keynote sessions explored the growing role of AI, cloud technologies, intelligent infrastructure, and ecosystem collaboration in supporting enterprise transformation and accelerating Indonesia's digital economy development. The event also hosted a panel discussion titled "Connecting the Ecosystem: Intelligent Connectivity for Enterprise Integration & Value Innovation", featuring industry leaders including Eric Arianto, Chief Technology & Network Officer of Linknet, Irawan Delfi, Network Development Division Head of Fiberstar, and Sigit Dwi Cahyo, Head of Technology Planning and Product of Tower Bersama Group. The panel explored the importance of intelligent connectivity, fiber infrastructure readiness, and ecosystem integration in supporting enterprise digitalization, service innovation, and the growing demand for seamless digital experiences across industries. Another panel discussion titled "Building the Foundation: Digital Infrastructure for Indonesia's AI Era", moderated by Vincent Han, featured industry leaders including Abieta Billy from DCI Indonesia, Muljadi Muhali from Fortress Digital Services, and Marlo Budiman from DSST Mas Gemilang. The second panel emphasized the importance of strengthening digital infrastructure readiness, enhancing data center capabilities, and fostering industry collaboration to support the growing adoption of AI technologies and Indonesia's broader digital transformation agenda. Through keynote sessions, panel discussions, interactive product demonstrations, and networking activities, ZTE Day Indonesia 2026 provided customers, partners, and industry stakeholders with deeper insights into AI implementation, intelligent digital infrastructure, and real-world applications of next-generation technologies across industries. Contributed by ZTE.

SpaceX called off the launch of its huge Starship rocket seconds before liftoff due to a ground equipment problem. The countdown clock reached a planned hold at T-40 seconds after a relatively trouble-free process. Some iffy weather had cleared, and everything looked good for the twelfth Starship test flight - the first try-out for the latest generation of the vehicle and launchpad. Alas, it was not to be. After repeatedly resetting the countdown clock to the T-40 second mark due to problems, which included warnings from sensors on the quick-disconnect arm on the launch pad and issues with the pad's water diverter, SpaceX eventually threw in the towel and scrubbed the launch. Boss man Elon Musk blamed the scrub on the ground equipment, and posted on X: "The hydraulic pin holding the tower arm in place did not retract." Musk wrote that if the issue could be fixed, SpaceX will try again later today. The next window opens at 5:30 pm CT, according to the billionaire. Considering that this was the first launch attempt from a new pad and the first of this vehicle's iteration, the countdown problems are unsurprising. As such, getting to the T-40 second mark was an achievement in its own right. Sadly, the team had only a few minutes to deal with the problems, since the propellant loading was complete and the fuel temperature could not be maintained for long. Expectations are high for this mission. Despite years of development and Musk's promises, Starship is still non-operational, and its launches remain on suborbital trajectories during its test phase. The vehicle has quite a way to go before it can play a part in NASA's goal of landing a crew on the Moon. According to the company's recent IPO filing, "We expect Starship to commence payload delivery to orbit in the second half of 2026." The second half of 2026 is only weeks away, so it'll be an interesting few months. The IPO filing also states that Musk's performance-based restricted shares in SpaceX vest upon the establishment of a permanent human colony on Mars "with at least one million inhabitants." First, however, the SpaceX needs to get to Mars. During the scrubbed launch attempt, it announced that crypto billionaire Chun Wang, who commanded the Fram2 private human spaceflight mission in 2025, would be on the crew for a future flyby of the red planet. Hopefully, Wang's jaunt to Mars won't end up canceled like the dearMoon project, a mission to the Moon financed by Japanese billionaire Yusaku Maezawa. The project was unveiled in 2018, but was eventually canceled in 2024. Starship has yet to hit Earth orbit, let alone head to the Moon. ®

Partner Content ZTE participated in the GSMA M360 Eurasia 2026 conference held in Samarkand, where James Zhang, Senior Vice President of ZTE and President of the Asia-Pacific and CIS regions, delivered a compelling keynote speech. Titled "Bridging the Divide and Empowering All — Shaping Eurasia's Next-Gen Intelligent Infrastructure," the address outlined ZTE's strategic blueprint: aligning optimal TCO models with local market requirements to build anti-fragile AI infrastructure. As GSMA Eurasia report highlights, although the mobile industry accounts for only around 0.5% of GDP directly, it enables as much as 7.7% of wider economic value. "Behind this huge opportunity, however, ZTE also faces a new challenge. Multi-generation networks are increasing operational complexity, while AI is driving explosive demand for traffic and computing power. Networks and computing can no longer operate in isolation. They must converge into an integrated system of connectivity, computing, and intelligent services. In simple terms, we are moving from transmitting bits to carrying tokens," James Zhang pointed out. Trend of AI Development Looking globally, there is a very clear trend: more and more countries are elevating localized AI capabilities to a matter of national strategy. Across Eurasia, governments, operators and industry partners are joining forces to deeply cultivate local LLMs and tailored AI services. When AI enters critical areas such as finance, e-government, education, healthcare and smart cities, it must understand local languages, respect local cultures and meet local regulatory and security requirements. James Zhang outlined that for mass AI deployment, security and anti-fragility are necessary. With rising complexity, local failures are bound to happen. To solve this, ZTE provides advanced cross-domain Autonomous Networks. It allows ZTE’s network and computing foundation to self-heal during fluctuations and automatically optimize under pressure, transforming uncertainty into reliable business assurance. The Energy Efficiency Challenge He posed two fundamental questions to industry leaders about the AI era: Can people and businesses afford to use AI from an energy efficiency and cost standpoint? And can AI be sustained over the long term from a supply-side certainty standpoint? James Zhang argued that if computing and energy costs remain too high, AI will not empower every industry. It will become a luxury available only to a few giants and a handful of high-value scenarios. This led to his first major proposal: the core metric of AI competition is changing. "AI competition is not only about who has more computing power, but who delivers intelligence more efficiently," James Zhang said. This is critical as AI Agents and large-scale inference go mainstream, making workloads highly dynamic and unpredictable. This is where ZTE's system-level design creates value. He explained: "ZTE is building an E2E intelligent foundation. On one hand, ZTE improves system-level efficiency through advanced liquid cooling and modular data centers. On the other hand, ZTE combines green energy, energy storage, intelligent energy management and computing scheduling to create a safer and more resilient energy system." As a real-world example, he cited ZTE's data center cooperation with Tencent, where integrated energy-saving technologies reduced energy consumption by 30% with a PUE below 1.25. "True efficiency cannot come from a single component. It requires deep synergy across facilities, networks, and computing," he added. Three Key Capabilities for Sustainable AI Addressing the second question – how to build AI infrastructure that can be kept running continuously – James Zhang outlined three essential capabilities. First, Supply Assurance. Sovereign AI must be built on certainty. Only when the underlying infrastructure is stable, deliverable, and continuously evolvable can AI truly enter core business processes. This is where ZTE's long-term experience matters. Today, ZTE serves over 500 operators and 2 billion users across 160 countries and regions. This gives ZTE a deep understanding of local regulatory requirements and real operational challenges in different markets. In Kazakhstan, for example, ZTE is working with Beeline on the Giga City 2.0 project, driving large-scale joint innovation in green sites and AI-driven solutions. Second, Ecosystem Openness. Sovereign AI must not be locked into one chip, one model, or one technology path. ZTE's open platform already supports over 100 types of GPUs and is compatible with more than 200 SOTA models. For vertical industries, this broad compatibility lowers the threshold for localized deployment and reduces the complexity of future evolution. Third, Cost-Effectiveness. If AI always depends on the most advanced data centers and the most expensive computing clusters, it will never become truly inclusive. ZTE's open platform can accurately match computing resources according to model size, latency requirements, and business value. It can support high-value scenarios while also opening the last mile for inclusive intelligence to reach local ecosystems. "Affordable AI does not mean 'low-spec AI'. It is about optimizing TCO to set AI free, making it easier to deploy, sustainable, and ready for scale," James Zhang emphasized. Localizing the Blueprint for Eurasia James Zhang acknowledged that China's massive digital economy offers a valuable reference blueprint for Eurasia, but ZTE's approach is never about blindly copying a single model. "The answer lies in integrating proven engineering capabilities, ecosystem experience and commercial frameworks with the distinct local needs of Eurasian markets," he explained. Over the past few years, ZTE has already collaborated with China's leading tech pioneers in cloud computing, LLMs, and smart logistics, and has forged a highly resilient ecosystem. In Eurasia, this localized approach is already in action through projects such as the Beeline Bukhara Data Center in Uzbekistan and the AI supercomputing infrastructure at Al-Farabi Kazakh National University. "ZTE brings a proven open ecosystem and a commercially verified TCO methodology. ZTE believes AI must not remain a privilege for a few. They must become inclusive infrastructure that every industry and every user can afford. This is the ultimate meaning of Affordable AI: bridging the divide and empowering all," he concluded. From Simple Traffic Carriers into Full-domain Orchestrators In the future, when drones, robots, autonomous vehicles, AI glasses and smartphones interact with each other, they will not simply need traditional data packages. They will need ms-level network assurance, edge computing and AI capability. This means operators will evolve from simple traffic carriers into full-domain orchestrators of connectivity, computing, models, and security. The future business model may include tokens, inference times, model calls, latency guarantees and agent tasks, turning AI capabilities into a new form of "traffic" that is on demand and pay-as-you-go. Therefore, the future value of operators is not only to sell more traffic. It is about becoming the capability orchestration platform and value settlement platform behind the intelligence of everything. ZTE's Growing Footprint in Central Asia Beyond the keynote, ZTE has established a substantial presence across Central Asia, contributing to digital transformation in several key areas. In Uzbekistan, ZTE constructed the Beeline Bukhara container data center, the country's first Tier III‑certified modular facility. Using standardized container architecture, it reduces deployment time by 60 percent compared to traditional construction and guarantees 99.982 percent availability for finance, government, and cloud services. The facility fills a critical gap in high‑availability modular data centers and provides a core computing foundation for the country's digital transformation. In parallel, ZTE has invested in local talent development through a deep partnership with Tashkent University of Information Technologies (TUIT) and other universities, bridging the gap between academic learning and real‑world ICT operations. In Kazakhstan, ZTE has delivered a series of transformative projects. In household digitalisation, ZTE partnered with the largest local telecom operator to bring gigabit level speed to hundreds of thousands of families, enabling online education, remote work and 4K video at scale. In mobile networks, ZTE worked with Beeline to modernise the wireless infrastructure, boosting coverage, speed and peak bandwidth by over 35 percent. In the research domain, ZTE built a supercomputing data centre at Al‑Farabi Kazakh National University, one of the most powerful in Central Asia, supporting AI research, climate modelling, and the development of Kazakh-language large language models. Through these initiatives, ZTE continues to demonstrate its commitment to building secure, trusted, and inclusive digital ecosystems across Central Asia, helping the region become a benchmark for digital transformation among emerging economies. Contributed by ZTE.

Outlook is having difficulty with images and sometimes omits them altogether due to a bug introduced in version 2604 Build 19929.20164. Microsoft admitted in a support article that, instead of an embedded image in an email, Outlook might show a placeholder with the error message: "The linked image cannot be displayed. The file may have been moved, renamed, or deleted. Verify that the link points to the correct file and location." Occasionally, it might show nothing at all. The problem is particularly irksome for affected users whose signatures include an image. Where there might be a company logo, there is, at best, an error indicating that something has gone wrong. Microsoft provided some steps to check whether missing images are being caused by the bug, although the process, which involves looking at the source, might be beyond users who are trying to send out a newsletter and wondering where the pictures have gone. Until a fix is issued, the workaround is to "avoid setting images with Wrap Text with Top and Bottom." Only Outlook Classic is affected, and a cynic might wonder if this, and other recent problems such as Quick Steps being grayed out, are symptomatic of Microsoft paying less attention to the venerable email client in favor of New Outlook (or whatever it is being called today). The good news is that, according to Microsoft, "images in the original message should be fine once a fix is released for this issue." However, the bad news is that "Replies or Forwards to these [affected] messages may permanently lack the image because it did not get included." Image handling is basic, and it's difficult to understand how it was missed during testing. We asked Microsoft what happened, but it has not responded. In the meantime, the workaround will suffice. Unless, of course, you work for a business whose logo is a white box with a red cross and what looks like some error text. ®

The US President’s oft-maligned Trump Mobile venture may be facing another setback after a security buff claims he discovered a now-plugged website vulnerability that he says was leaking what could be tens of thousands of suckers' customers' details. The individual behind the discovery, who goes by "Louis," says he's a self-taught tech tinkerer and described himself as "just a nerd between jobs with too much time on my hands." He reckons the website’s data could be scooped up with a simple POST request. “It wasn't SQL. That wouldn't be as bad,” he told The Register. “It was a really simple HTTP request. POST, and then just asking for the info I wanted, basically.” More than 27,000 people who ordered from Trump Mobile, the President’s all-American smartphone and cell service brand, had their data flimsily secured online, Louis claimed. Louis, a long-serving IT professional who refuses to be called a security researcher, said the types of data he was able to gather included: first and last names, primary addresses, secondary addresses, email addresses, phone numbers, customer/account numbers, "enrollment ID" (pre-order number), and whether the order was placed by phone or online. “I discovered it first by looking into the site to see if I could find how many orders there actually were, and noticing some API endpoints,” he added. “I tried a couple of basic commands, and then it started showing whatever data I wanted. “It was as easy as going to the website and writing a very simple HTTP POST request into the console.” The website flaw only allowed him to return ten customer records at a time, he said, but these records all contained a customer number, which Louis used to loop through them all. In the space of an hour, the method allowed him to access the records of around 5,000 Trump Mobile customers, he claimed. After confirming the issue was valid and that all the data his script scooped up was deleted, Louis tried to disclose his findings to Trump Mobile, and anyone else who could take action, but received no response, although someone appears to have fixed the issue. The Register also tried contacting Trump Mobile but similarly received nothing in return. Out of options for disclosure, Louis decided to go public, informing two prominent YouTube creators and known orderers of the Trump T1 phone, Stephen “Coffeezilla” Findeisen and Charles “penguinz0” White Jr., whose respective videos covering his findings have jointly gathered millions of views. Trump T1 begins shipping Trump Mobile’s flagship device, the T1 Android smartphone with the gold-colored casing, began showing up at pre-order customers’ doors this week, after originally being slated for an August 2025 release. The brand’s entire schtick since first being announced in June 2025, around the time of a significant escalation in US-China trade war conflict, was that everything was going to be “Made in America.” Early renders of the proposed T1 showed what appeared to be an iPhone-like device – gold-colored, of course – but those who received their orders this week confirm it is just a reskinned HTC U-24 Pro, a mid-range Android from the Taiwanese tech biz which first hit the market in June 2024. The American flag embossed on the back of the device also only has 11 stripes instead of 13, although all the stars are present and accounted for, at least. When the President’s sons launched the Trump Mobile Brand last year, they promised the devices would be manufactured in America, although the company soon dropped this from its marketing. The T1 comes loaded with 512GB of storage, a 120Hz display, a Snapdragon 7 chip, and, of course, Truth Social pre-installed. Customers can order now to lock in what the company calls promotional pricing, picking up the T1 for $499. It is not clear what this may rise to in the future. You can pick up a standard HTC U-24 Pro 512GB model for roughly the same price, depending on the retailer. ®

Irish Rail has quietly written off €50 million on a troubled train traffic management system that now appears headed for the same graveyard as many ambitious public-sector IT projects before it. The State-owned rail operator no longer has confidence the new Traffic Management System can be rolled out across Ireland’s rail network as originally planned, according to reporting by The Irish Times. The system was supposed to modernize how train movements are managed nationwide as part of the wider National Train Control Centre project. Instead, the project has become the latest addition to Ireland’s increasingly crowded museum of expensive state IT mishaps. Irish Rail has now reportedly reduced the carrying value of the asset by €50 million in its 2025 accounts, after years of delays, technical concerns, and apparent doubts over whether contractor Indra can deliver a workable system at all. The system was initially expected to cost less than €20 million and launch last year, before the usual gravitational forces affecting large public sector IT projects took hold. The controversy quickly landed before Ireland’s Public Accounts Committee, where lawmakers sounded distinctly unsurprised to discover another large public-sector technology project eating tens of millions of euros. John Brady, chair of Ireland’s Public Accounts Committee, called the situation “quite simply unbelievable” and questioned how the project had been allowed to “slowly drift, with more and more public money being spent every single day.” Brady also warned the failure could have broader implications for Ireland’s rail expansion plans, raising “massive questions about the governance, ministerial oversight and financial control in place on the project.” Aiden Farrelly, an Irish Social Democrats politician who sits on the PAC, said the debacle created “a growing sense of Groundhog Day” around Irish public sector IT projects. “While more information has yet to emerge about this specific case, it’s fair to conclude that, when it comes to IT projects, the State simply can’t manage them,” Farrelly said in a statement. Farrelly also called for greater involvement from Ireland’s Office of the Government Chief Information Officer, arguing the agency should play a more hands-on role overseeing major state technology projects rather than leaving accountability entirely to individual public bodies. Meanwhile, Sinn Fein’s Pearse Doherty called the writedown a “national scandal” and accused the government of treating taxpayer money “as if it were Monopoly money” during a heated Dáil exchange. The Public Accounts Committee is now expected to summon Irish Rail, the National Transport Authority, and government officials for further questioning over the potential collapse of the project. The timing is awkward for Ireland’s broader rail expansion ambitions, which already face mounting scrutiny over costs, delays, and delivery risks across projects including MetroLink, DART+, and the perpetually delayed Navan rail line.®

EPISODE 10 Sigh. The Boss has written an app and is quite pleased with himself. The higher-ups are even more pleased because it apparently saves us money. They're so pleased, in fact, they're mandating that it be installed on Company phones. The Boss writing an app in the first place is a red flag so large it could claim a world record, but it gets worse as he wants us to help sell it to the plebs. The PFY and I aren't having a bar of it as there's a fair chance that he's reinvented the wheel – after making it "better" by removing all those pesky curved bits. I've deliberately not asked to look at the source code, as I expect it'll be 40,000 lines of improvised (not interpreted) BASIC. "I used AI to make it," the Boss offers. Ah. Initially I'd thought the Boss must've watched a bunch of YouTube videos on programming, but I now realize that his laziness gene kicked in early and he's been "vibe-coding." The horror! I upgrade my mental picture from "blind leading the blind" to "incompetent leading the blind – through a minefield. In the dark. On pogo sticks." "It's got AI in it!" the Boss whines, after the PFY and I express our doubts. "So have the words failure, and painful, and brainless," the PFY points out. "Maybe, but this is the perfect synergy of..." "Salt and vinegar?" I suggest. "What?" "Perfect synergies – a prime example of which is salt and vinegar," I reply. "Or muesli on ice cream," the PFY adds. "I mean new synergies," the Boss chips back. "Ah, like salt and vinegar crisps and marmalade sandwiches?" I ask. "What?" "They're surprisingly good," I say. "I MEAN the new synergies of artificial intelligence, deep technical knowledge, and plain language," he blathers. "You realize that the synergy of deep technical knowledge and plain speaking is essentially what AI claims to be? After you add a layer of obscurity, some hallucinations, and a touch of mental illness, that is." "No, this is an app to help you in the workplace." "Help me in the workplace, how?" I ask. "Does it tell me which windows have faulty safety catches?" "No, this is an app for everyone." "Ah, so it's an app to warn people about windows with faulty safety catches?" "No! Say you're new to the Company but you don't know, I dunno, where the paper is for the photocopier," the Boss says. "I think the first problem you'd have would be finding a photocopier. All we have are multifunction printers." "Alright then, you need to find paper for the printer – but you don't know where it is." "The printer or the paper?" the PFY asks. "Why would you need paper for a printer if you didn't know where the printer was?" "I ask myself these questions daily," the PFY sighs. "Anyway, the paper's in the cupboard beside the printer." "Well, what if there wasn't any paper in the cupboard beside the printer?" "Then it would be in one of the cartons of paper, which are beside the cupboard, which is beside the printer." "What if there wasn't any?" the Boss snaps. "There's always paper there. Sometimes five or six cartons." "WHAT. IF. THERE. WASN'T?!" "You'd ask the office admin person." "WHAT IF YOU ARE THE OFFICE ADMIN PERSON? And you've just started, and the printer's out of paper." "Oh, right. So... you'd use the app?" I ask. "YES! YOU'D USE THE APP. It'd tell you where the storeroom is, and you could get some paper. It might identify the best type of paper to use for the photoco- PRINTER that you have, and, maybe, suggest that you pick up a spare toner cartridge if your printer was running low." "So the app is able to remotely check on printer toner levels?" I ask. "No, it would suggest you pick up a spare cartridge if the printer was low." "How would you know if the toner was low if you'd just started?" the PFY asks. "When you don't know where the printer is?" I add. "You'd ask the app how to tell if it was low. It could talk you through how to check your particular printer." "So... the app will know where your printer is?" the PFY asks. "THE APP WILL HELP YOU WITH YOUR PRINTER, WHEN YOU FIND OUT WHERE IT IS!" the Boss snaps. "Ah right, now I'm with you. So, to clarify: you've written an app which will suggest you check the toner of a printer – that you have to find – which is out of paper – that you have to find – because you're a new office admin person. It's a little... niche... for an app, don't you think?" "NO!" the Boss blurts, maybe a touch frustrated. "It's an app for everyone." "But most people already know where the printer and paper are." "That's just one example of what it might do. It might, I don't know, explain how to use the air conditioning system based on the current environment and include tips on how to use it most efficiently for power consumption. It could maybe teach you how to choose a complex password to meet our security policy. Maybe it could highlight better travel options to get to work." "OK, I get it. You've invented a mansplaining app." "No! This app is good for everyone!" "So you keep saying. But the theory behind any good app is that it gives you some competitive advantage – an advantage that would be lost if everyone had the app." "How do you mean?" "Like the app the PFY wrote." "What does it do?" "If I told you, he might lose his competitive advantage." "Well, I'll ask him then." ... It's amazing how quickly the PFY can vibe-code a faulty window safety catch app. There might be something in that AI stuff after all... BOFH: Previous episodes on The RegisterThe Compleat BOFH Archives 95-99

The government’s plans to introduce digital ID could be put in doubt if Andy Burnham, who spoke out against the scheme last September, replaces Keir Starmer as the UK prime minister. The Greater Manchester mayor told a session at the UK's Labour party conference in Manchester last autumn that he opposed digital ID given the problems the previous Labour government he had served in had experienced with ID cards. “I think there’s a risk of an opportunity cost situation here, where something can consume a huge amount of time and actually doesn’t come through,” he said. “And that will be the lesson about 2005 to 2010 Parliament; it consumed a lot of air time and it didn’t actually materialize.” ID cards did actually materialize – with 13,200 produced before the scheme was scrapped. In fact, the Home Office used Manchester as a testing ground for the scheme. Burnham helped to sell it when he was a Home Office minister in 2005-6, telling the BBC that compulsory national ID cards would be “a major breakthrough” in tackling identity fraud. On 19 May 2026 Burnham was selected by Labour to fight the Parliamentary seat of Makerfield in a by-election in June. It would be a surprise if the party had not chosen him, given the former MP Josh Simons stood down to provide Burnham with the chance of returning to Parliament and then challenging Starmer as Labour leader and UK prime minister. Until February, Simons was the minister responsible for Starmer’s digital ID plans. He resigned after his decision to commission a probe into journalists who had written critical articles about the think tank he ran, Labour Together. To return to Westminster, Burnham will have to win a by-election in a constituency where Nigel Farage’s Reform party won more than half of the votes in local council elections earlier this month. The area also voted 65 percent in favor of leaving the European Union (EU) in 2016’s Brexit referendum. Burnham is already playing down his previous support for the UK to get closer to the EU as he starts campaigning. If he wins both Makerfield and then convinces Labour MPs to make him their leader, would he follow through on his comments of last September? Burnham has been known to change his views but if he got to be prime minister, dumping a policy introduced by his predecessor would suggest he was making a fresh start. Digital ID is also opposed by other parties, including Reform, so dropping it would remove a point of difference and could tempt some voters back to Labour. On the other hand many Labour MPs like the policy, and it is their collective call as to whether Burnham becomes prime minister if he can win Makerfield. In the House of Commons on 15 January, then minister Josh Simons made a statement on digital ID in answer to an urgent question from Conservative MP Mike Wood. Responding, Wood told the Commons: “In September, the prime minister tossed this mandatory digital ID on to the table as a classic dead cat distraction, purely to keep Andy Burnham off the front pages as the Labour party conference started.” Wood’s statement was feisty enough for the deputy speaker to mutter “Someone’s had their Weetabix.” But there would be some symmetry if Prime Minister Burnham scrapped a scheme that was supposedly introduced to distract attention from him when he was just the mayor of Greater Manchester. ®