TheRegister

Articles from www.theregister.com

Microsoft lets users exile floating Copilot button after interface rage

Microsoft has made Copilot a little less in-your-face with the option to banish the assistant's Dynamic Action Button to the toolbar. The change, rolling out this week, comes after howls of outrage from customers over Microsoft's decision to drop a Copilot button onto user workspaces. Although the desire to get users clicking on the assistant is understandable, obscuring content in its productivity applications was perhaps not the best way to do it. Microsoft's forums show plenty of frustration with the floating button. Some call it "infuriating," while others are less tactful. One Excel user wrote: "Did you let copilot design this idea and no human review it? Such abomination." Another said: "Putting a button over the working content was not a good move by Microsoft," which gets to the heart of the problem. Redesigns and interface tweaks will always generate strong feelings. However, obscuring content with something that many don't want is arguably a step too far. There was already a way to turn off Copilot features in Excel and Word via the Settings screen, but the latest update indicates that Microsoft has paid attention to recent feedback. A user commented: "There needs to be a toggle or something to move it back to the ribbon," and that is pretty much what Microsoft has done. A new option has been added to the button's menu, "Move to ribbon," which does exactly that. Click it, and Copilot is banished to the ribbon. The floating Copilot Dynamic Action Button is no more, although it can be moved back if a user happens to miss that particular design decision. Microsoft has acknowledged that forcing Copilot on users was not universally welcomed. Windows boss Pavan Davuluri promised a reduction in Copilot entry points and a rethink of how the technology is integrated into the operating system (because of course it isn't going away any time soon). Earlier in May, Microsoft said it would "streamline" access to Copilot in its productivity applications. 
Alas, that "streamline" involved the Copilot button, and plenty of customers asked for the ability to shift it back to the ribbon. Less than two weeks after the initial announcement, Microsoft has responded. Although Copilot will still be there, the option to move it back to the ribbon is a move in the right direction. ®

AT&T wants to ditch Cali copper phone lines to save billions

AT&T wants to ditch its traditional copper phone line infrastructure in California in favor of fiber everywhere, claiming it has to spend $1 billion each year on a telephone network that a tiny percentage of customers use. The US telecoms giant announced plans this week to invest $19 billion in The Golden State between now and the end of the decade to bring fiber to more than 4 million additional households and businesses, upgrading customers to the newer infrastructure. As part of its plans, the telco has filed a lawsuit [PDF] against several state officials seeking a court order to overturn California rules that require AT&T to continue offering a “plain old telephone service” (POTS). AT&T points out that the Federal Communications Commission (FCC) recently adopted rules that encourage telcos to retire their aging copper lines. The Washington-based telecoms regulator said the expansion of fiber cabling is hindered by "the need for carriers to divert precious resources to the maintenance of deteriorating legacy networks that deliver outdated services to an ever-decreasing number of subscribers." In its court filing, AT&T says "the copper wires that once served every home now serve just 3 percent of households in AT&T’s California territory," but complains that state-level "Carrier of Last Resort" (COLR) rules require it to continue supporting and maintaining POTS even after the FCC has authorized the service to be phased out. Under basic pre-emption principles, those COLR rules cannot stand, it asserts. But while the telco likes to portray this as bringing faster and more reliable modern network technology to all California residents, critics say rushing to phase out the old phone network could leave some users behind. A nonprofit public interest group, Public Knowledge, previously warned the FCC directive could impact consumers in rural areas, the elderly, those with disabilities, and anyone who relies on specialized medical equipment that uses phone lines. 
As The Register has previously covered, the UK’s former state-level operator BT was forced to delay plans to turn off the public switched telephone network (PSTN) and replace it all with all-fiber infrastructure after similar concerns were raised. This followed the introduction of a government charter to protect vulnerable customers, particularly those using TeleCare, which supports alarms that the elderly or infirm can trigger if they need emergency assistance. AT&T said it will take “a thoughtful, phased approach to upgrade customers,” and claimed “no customer will be left without access to phone or 911 service.” However, Public Knowledge said the FCC order relaxes or entirely drops various safeguards put in place by previous US administrations, including the requirement to prove through engineering tests that a new service adequately replaces the old for medical equipment and alarm systems. ®

Workday wants AI to punch in instead of having to hire new recruits

Workday is hoping to boost its revenue and margins by using AI agents instead of hiring people, according to its CEO. After announcing revenue growth, Aneel Bhusri – the company co-founder who was reinstated as CEO in February – said his aspiration is to keep headcount the same while sustaining growth and increasing margins by harnessing AI. "I'd love to see us continue the growth that we had in Q1, but keep headcount as close to flat for the year as possible because we are getting the benefits of using our own products and other AI tools. That's where I'm hopeful and believe that we're going to have additional margin expansion as we get those benefits. That's different than what my view was coming in three months ago." In its Q1 results, for the quarter ended April 30, Workday recorded net profit of $222 million versus $68 million in the prior year, when the bottom line was hit by restructuring expenses. Revenue generated for the three months was $2.54 billion, up 13.5 percent year-on-year. The results beat market expectations and Workday forecast higher margins for the rest of the year, sending its share price up 10 percent in after-hours trading. Bhusri's aspiration to keep headcount flat while increasing revenue and margins follows a roller-coaster ride of public statements on employment plans. In February 2025, Workday announced an 8.5 percent cut to its global workforce – 1,750 positions – as it "intended to prioritize its investments and continue advancing Workday's ongoing focus on durable growth," an SEC filing said. In June 2025, CFO Zane Rowe told an investment conference that the SaaS biz planned to rehire the same number of people, although with different roles. "We will be hiring back. We wanted to make sure everyone understood that this is not us reducing," he said. 
Nonetheless, in September 2025, then CEO Carl Eschenbach seemingly reversed the plan, telling investors it was "consolidating and streamlining the organization model" and did not "need more headcount to drive the business forward." By February 2026, Eschenbach was out the door as Workday said it would lay off about 2 percent of its staff in a bid to align with its "highest priorities." Shareholders may be delighted that Workday can now expand without having to increase the size of its workforce. But for a company that relies on organizations hiring people to create demand for its HR software, it seems like a strange example to set. ®

FBI warns Kali365 phishing kit is stealing Microsoft OAuth tokens at scale

The FBI has issued a public service announcement warning about a new phishing kit that's stealing Microsoft OAuth tokens at an alarming rate. OAuth token theft is a serious headache for organizations because stolen tokens can bypass multi-factor authentication (MFA) and grant access to privileged accounts within an organization without needing to know their credentials. Think corporate espionage, data theft, maybe even ransomware.

The main culprit is Kali365, described as a phishing-as-a-service platform that's being peddled on Telegram, first spotted by crimefighters in April 2026. "Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities," the FBI said in its announcement.

Phishing kits aren't new. Different flavors are always in development, but the good ones can be especially problematic for organizations. Kali365 lets attackers send convincing phishing emails that impersonate "trusted cloud productivity and document-sharing services" (Adobe Acrobat Sign, DocuSign, and SharePoint), according to security shop Arctic Wolf. That email contains a device code and instructions for the target to enter the code into a legitimate Microsoft page, a hyperlink for which is included in the email. Entering that code registers the attacker's device to the unwitting target's M365 account, effectively surrendering access to emails, Teams, and all the rest of it. No MFA required.

Arctic Wolf published a deep dive on Kali365 back in April, noting that it also offers adversary-in-the-middle (AitM) capabilities that are distinct from the device code phishing described by the FBI. The second attack Kali365 enables leads to the same outcome, accessing Microsoft accounts while bypassing MFA, just through slightly different mechanics.

Victims are sent an initial phishing email containing a cookie-based lure, which transparently proxies their browser via attacker-controlled infrastructure, Arctic Wolf said. Requests are then forwarded to a real Microsoft login page, and responses are beamed back to the victim, who authenticates the typical way using their valid credentials, passing Microsoft MFA. Session cookies, related artifacts, and other session information are scooped up during this process and stored in the Kali365 attacker panel. From there, attackers can generate scripts to replay those sessions in their own environment, effectively borrowing the genuine user's session.

The researchers' analysis of Kali365 revealed three distinct tiers for subscribers. The lowest Client Tier is for individual attackers, who can change the branding on the panels to give each a bespoke look while sporting the same underlying powers. The Agent Tier is for resellers who can provision and manage their own branded Kali365 panels and Client Tiers. The Admin Tier is reserved for Kali365's developers. Kali365 has a simple pricing structure: $250 per month per tenant, or $2,000 for a year. It supports an array of languages: Arabic, Chinese, Dutch, English, French, German, Italian, Japanese, Korean, Polish, Portuguese, Russian, Spanish, and Turkish.

Since emerging in April, Kali365 has often been mentioned in the same breath as EvilTokens, another device code phishing platform that hit headlines weeks earlier after Microsoft confirmed hundreds of compromises each day. "Each campaign is distributed at scale, targeting hundreds of organizations with highly varied and unique payloads, making pattern-based detection more challenging," Tanmay Ganacharya, VP of security research at Microsoft, told The Register. "We continue to observe high-volume activity, with hundreds of compromises occurring daily across affected environments."

Both Arctic Wolf and the FBI suggested organizations at risk should use conditional access policies to block device code flow where not required. Defenders should also consider blocking authentication transfer policies, which let users move authentication between devices such as PCs and phones. ®
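A defender-side triage of Entra sign-in records for the two Kali365 techniques described above (device code sign-ins, and sessions replayed from a second address after an AitM capture), plus the conditional access mitigation the FBI and Arctic Wolf recommend, written as an added example rather than code from the FBI, Arctic Wolf or The Register. The sign-in records are constructed, their field names follow the Microsoft Graph signIn resource, and the policy body follows my reading of the Graph conditionalAccessPolicy schema, which should be checked against current documentation before use.

```python
"""Triage constructed Microsoft Entra sign-in records for the flows Kali365
abuses and emit a report-only conditional access policy that blocks them."""
import json
from collections import defaultdict

# Constructed sample sign-in records (JSON lines), not data from any real tenant.
# alice: interactive sign-in from one IP, then her session token used from another
#        (what a replayed AitM session looks like in the non-interactive log).
# bob:   device code flow sign-in, conditional access not applied.
# carol: normal interactive + non-interactive use from the same address.
# dave:  authentication transfer flow.
SAMPLE_SIGNINS = """
{"userPrincipalName":"alice@example.test","ipAddress":"203.0.113.10","authenticationProtocol":"oAuth2","sessionId":"s-1","isInteractive":true,"conditionalAccessStatus":"success"}
{"userPrincipalName":"alice@example.test","ipAddress":"198.51.100.7","authenticationProtocol":"oAuth2","sessionId":"s-1","isInteractive":false,"conditionalAccessStatus":"success"}
{"userPrincipalName":"bob@example.test","ipAddress":"203.0.113.11","authenticationProtocol":"deviceCode","sessionId":"s-2","isInteractive":true,"conditionalAccessStatus":"notApplied"}
{"userPrincipalName":"carol@example.test","ipAddress":"203.0.113.12","authenticationProtocol":"oAuth2","sessionId":"s-3","isInteractive":true,"conditionalAccessStatus":"success"}
{"userPrincipalName":"carol@example.test","ipAddress":"203.0.113.12","authenticationProtocol":"oAuth2","sessionId":"s-3","isInteractive":false,"conditionalAccessStatus":"success"}
{"userPrincipalName":"dave@example.test","ipAddress":"203.0.113.13","authenticationProtocol":"authenticationTransfer","sessionId":"s-4","isInteractive":true,"conditionalAccessStatus":"success"}
"""

# Sign-in protocols that the article's mitigations say to block where not needed.
RISKY_PROTOCOLS = {"deviceCode", "authenticationTransfer"}


def parse_signins(text):
    """Parse JSON-lines sign-in export into a list of dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def flag_risky_protocols(records):
    """Return (upn, protocol, ip) for every sign-in that used device code flow
    or authentication transfer; each is worth a look even when it succeeded."""
    return [
        (r["userPrincipalName"], r["authenticationProtocol"], r["ipAddress"])
        for r in records
        if r.get("authenticationProtocol") in RISKY_PROTOCOLS
    ]


def flag_multi_ip_sessions(records):
    """Return (upn, sessionId) pairs whose session was used from more than one
    source IP. A stolen session cookie replayed from attacker infrastructure
    shows up as the victim's interactive sign-in from one address followed by
    token use from another, under the same sessionId."""
    ips = defaultdict(set)
    for r in records:
        ips[(r["userPrincipalName"], r["sessionId"])].add(r["ipAddress"])
    return sorted(key for key, seen in ips.items() if len(seen) > 1)


def device_code_block_policy(name="Block device code and auth transfer"):
    """Conditional Access policy body blocking both flows for all users and apps.
    Schema is my reading of the Graph conditionalAccessPolicy resource (assumed);
    the policy starts in report-only mode so legitimate device code users
    (headless boxes, CLI tools) can be excluded before enforcement."""
    return {
        "displayName": name,
        "state": "enabledForReportingButNotEnforced",
        "conditions": {
            "users": {"includeUsers": ["All"]},
            "applications": {"includeApplications": ["All"]},
            "authenticationFlows": {
                "transferMethods": "deviceCodeFlow,authenticationTransfer"
            },
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }


if __name__ == "__main__":
    recs = parse_signins(SAMPLE_SIGNINS)
    for hit in flag_risky_protocols(recs):
        print("risky sign-in flow:", hit)
    for upn, sid in flag_multi_ip_sessions(recs):
        print("session used from multiple IPs:", upn, sid)
    print(json.dumps(device_code_block_policy(), indent=2))
```

Replace SAMPLE_SIGNINS with a real export from the sign-in logs (interactive and non-interactive) to run this against a tenant; the multi-IP heuristic needs both log types, since the replay usually lands in the non-interactive one.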

ZTE Day Indonesia 2026 strengthens AI innovation and digital infrastructure collaboration to accelerate Indonesia's digital transformation

Partner Content ZTE Corporation (0763.HK / 000063.SZ), a global leading provider of integrated information and communication technology solutions, held ZTE Day Indonesia 2026 in Jakarta, as its annual technology showcase event, bringing together industry leaders, technology partners, and digital ecosystem players to discuss the future of AI, intelligent infrastructure, and digital transformation in Indonesia. As industries increasingly adopt AI, cloud technologies, and data-driven operations, the demand for smarter, adaptive, and future-ready digital infrastructure continues to accelerate. Responding to this momentum, ZTE Day Indonesia 2026 highlighted how AI, intelligent networks, cloud infrastructure, and next-generation connectivity are becoming key foundations for national digital competitiveness and future economic growth. The event showcased a broad range of integrated ICT innovations spanning artificial intelligence (AI), intelligent computing, cloud infrastructure, optical transport, enterprise networking, Wi-Fi 7, and next-generation connectivity technologies designed to support enterprises, operators, and industries navigating the AI era. Liu Sen, President Director of ZTE Indonesia, stated that Indonesia is currently entering an important phase of digital transformation, where progress will increasingly depend on strong collaboration between technology providers, infrastructure players, and partners across the digital ecosystem. "Indonesia is currently entering an important phase of digital transformation, where AI, cloud technologies, and intelligent connectivity will become the key foundations of future digital economic growth. Through ZTE Day Indonesia 2026, we aim to demonstrate how technology innovation can be implemented to support the development of smarter, more efficient, and sustainable digital infrastructure. 
We believe that cross-industry collaboration will play a crucial role in building a strong digital foundation to support Indonesia's vision of becoming a leading digital economy," said Liu Sen. Beyond showcasing technology innovations, ZTE Day Indonesia 2026 also emphasized the growing importance of ecosystem collaboration in supporting Indonesia's AI-ready digital landscape. During the exhibition showcase, ZTE presented a series of its latest innovations, including nubia's latest AI smartphone, high-performance AI server solutions, optical transport technologies, AI-powered network management systems, and Wi-Fi 7 enterprise connectivity solutions. ZTE also demonstrated its comprehensive end-to-end digital ecosystem capabilities through solutions covering RAN, microwave, transport network, core network, fixed network, and big video solutions. These innovations reflected the company's commitment to supporting operators, enterprises, and industries in addressing the evolving demands of the digital era. As part of ZTE Day Indonesia 2026, the ZTE Open Day Afternoon Session featured keynote presentations from Prof. Viciano Lee of Sertis Indonesia, Sami Muhammad Salman from Whale Cloud Technology Indonesia, Mohan Albert, Director of CTO Group at ZTE, and Chok Shin Lip, Partner Solution Architect Director at Alibaba Cloud Intelligence. The keynote sessions explored the growing role of AI, cloud technologies, intelligent infrastructure, and ecosystem collaboration in supporting enterprise transformation and accelerating Indonesia's digital economy development. The event also hosted a panel discussion titled "Connecting the Ecosystem: Intelligent Connectivity for Enterprise Integration & Value Innovation", featuring industry leaders including Eric Arianto, Chief Technology & Network Officer of Linknet, Irawan Delfi, Network Development Division Head of Fiberstar, and Sigit Dwi Cahyo, Head of Technology Planning and Product of Tower Bersama Group. 
The panel explored the importance of intelligent connectivity, fiber infrastructure readiness, and ecosystem integration in supporting enterprise digitalization, service innovation, and the growing demand for seamless digital experiences across industries. Another panel discussion titled "Building the Foundation: Digital Infrastructure for Indonesia's AI Era", moderated by Vincent Han, featured industry leaders including Abieta Billy from DCI Indonesia, Muljadi Muhali from Fortress Digital Services, and Marlo Budiman from DSST Mas Gemilang. The second panel emphasized the importance of strengthening digital infrastructure readiness, enhancing data center capabilities, and fostering industry collaboration to support the growing adoption of AI technologies and Indonesia's broader digital transformation agenda. Through keynote sessions, panel discussions, interactive product demonstrations, and networking activities, ZTE Day Indonesia 2026 provided customers, partners, and industry stakeholders with deeper insights into AI implementation, intelligent digital infrastructure, and real-world applications of next-generation technologies across industries. Contributed by ZTE.

SpaceX scrubs Starship launch with seconds to go

SpaceX called off the launch of its huge Starship rocket seconds before liftoff due to a ground equipment problem. The countdown clock reached a planned hold at T-40 seconds after a relatively trouble-free process. Some iffy weather had cleared, and everything looked good for the twelfth Starship test flight - the first try-out for the latest generation of the vehicle and launchpad. Alas, it was not to be. After repeatedly resetting the countdown clock to the T-40 second mark due to problems, which included warnings from sensors on the quick-disconnect arm on the launch pad and issues with the pad's water diverter, SpaceX eventually threw in the towel and scrubbed the launch. Boss man Elon Musk blamed the scrub on the ground equipment, and posted on X: "The hydraulic pin holding the tower arm in place did not retract." Musk wrote that if the issue could be fixed, SpaceX will try again later today. The next window opens at 5:30 pm CT, according to the billionaire. Considering that this was the first launch attempt from a new pad and the first of this vehicle's iteration, the countdown problems are unsurprising. As such, getting to the T-40 second mark was an achievement in its own right. Sadly, the team had only a few minutes to deal with the problems, since the propellant loading was complete and the fuel temperature could not be maintained for long. Expectations are high for this mission. Despite years of development and Musk's promises, Starship is still non-operational, and its launches remain on suborbital trajectories during its test phase. The vehicle has quite a way to go before it can play a part in NASA's goal of landing a crew on the Moon. According to the company's recent IPO filing, "We expect Starship to commence payload delivery to orbit in the second half of 2026." The second half of 2026 is only weeks away, so it'll be an interesting few months. 
The IPO filing also states that Musk's performance-based restricted shares in SpaceX vest upon the establishment of a permanent human colony on Mars "with at least one million inhabitants." First, however, SpaceX needs to get to Mars. During the scrubbed launch attempt, it announced that crypto billionaire Chun Wang, who commanded the Fram2 private human spaceflight mission in 2025, would be on the crew for a future flyby of the red planet. Hopefully, Wang's jaunt to Mars won't end up canceled like the dearMoon project, a mission to the Moon financed by Japanese billionaire Yusaku Maezawa. The project was unveiled in 2018, but was eventually canceled in 2024. Starship has yet to hit Earth orbit, let alone head to the Moon. ®

ZTE unveils localized roadmap for Eurasia's digital future at GSMA M360 Eurasia 2026

Partner Content ZTE participated in the GSMA M360 Eurasia 2026 conference held in Samarkand, where James Zhang, Senior Vice President of ZTE and President of the Asia-Pacific and CIS regions, delivered a compelling keynote speech. Titled "Bridging the Divide and Empowering All — Shaping Eurasia's Next-Gen Intelligent Infrastructure," the address outlined ZTE's strategic blueprint: aligning optimal TCO models with local market requirements to build anti-fragile AI infrastructure. As the GSMA Eurasia report highlights, although the mobile industry accounts for only around 0.5% of GDP directly, it enables as much as 7.7% of wider economic value. "Behind this huge opportunity, however, ZTE also faces a new challenge. Multi-generation networks are increasing operational complexity, while AI is driving explosive demand for traffic and computing power. Networks and computing can no longer operate in isolation. They must converge into an integrated system of connectivity, computing, and intelligent services. In simple terms, we are moving from transmitting bits to carrying tokens," James Zhang pointed out.

Trend of AI Development

Looking globally, there is a very clear trend: more and more countries are elevating localized AI capabilities to a matter of national strategy. Across Eurasia, governments, operators and industry partners are joining forces to deeply cultivate local LLMs and tailored AI services. When AI enters critical areas such as finance, e-government, education, healthcare and smart cities, it must understand local languages, respect local cultures and meet local regulatory and security requirements. James Zhang outlined that for mass AI deployment, security and anti-fragility are necessary. With rising complexity, local failures are bound to happen. To solve this, ZTE provides advanced cross-domain Autonomous Networks. It allows ZTE's network and computing foundation to self-heal during fluctuations and automatically optimize under pressure, transforming uncertainty into reliable business assurance.

The Energy Efficiency Challenge

He posed two fundamental questions to industry leaders about the AI era: Can people and businesses afford to use AI from an energy efficiency and cost standpoint? And can AI be sustained over the long term from a supply-side certainty standpoint? James Zhang argued that if computing and energy costs remain too high, AI will not empower every industry. It will become a luxury available only to a few giants and a handful of high-value scenarios. This led to his first major proposal: the core metric of AI competition is changing. "AI competition is not only about who has more computing power, but who delivers intelligence more efficiently," James Zhang said. This is critical as AI Agents and large-scale inference go mainstream, making workloads highly dynamic and unpredictable. This is where ZTE's system-level design creates value. He explained: "ZTE is building an E2E intelligent foundation. On one hand, ZTE improves system-level efficiency through advanced liquid cooling and modular data centers. On the other hand, ZTE combines green energy, energy storage, intelligent energy management and computing scheduling to create a safer and more resilient energy system." As a real-world example, he cited ZTE's data center cooperation with Tencent, where integrated energy-saving technologies reduced energy consumption by 30% with a PUE below 1.25. "True efficiency cannot come from a single component. It requires deep synergy across facilities, networks, and computing," he added.

Three Key Capabilities for Sustainable AI

Addressing the second question – how to build AI infrastructure that can be kept running continuously – James Zhang outlined three essential capabilities. First, Supply Assurance. Sovereign AI must be built on certainty. Only when the underlying infrastructure is stable, deliverable, and continuously evolvable can AI truly enter core business processes. This is where ZTE's long-term experience matters. Today, ZTE serves over 500 operators and 2 billion users across 160 countries and regions. This gives ZTE a deep understanding of local regulatory requirements and real operational challenges in different markets. In Kazakhstan, for example, ZTE is working with Beeline on the Giga City 2.0 project, driving large-scale joint innovation in green sites and AI-driven solutions. Second, Ecosystem Openness. Sovereign AI must not be locked into one chip, one model, or one technology path. ZTE's open platform already supports over 100 types of GPUs and is compatible with more than 200 SOTA models. For vertical industries, this broad compatibility lowers the threshold for localized deployment and reduces the complexity of future evolution. Third, Cost-Effectiveness. If AI always depends on the most advanced data centers and the most expensive computing clusters, it will never become truly inclusive. ZTE's open platform can accurately match computing resources according to model size, latency requirements, and business value. It can support high-value scenarios while also opening the last mile for inclusive intelligence to reach local ecosystems. "Affordable AI does not mean 'low-spec AI'. It is about optimizing TCO to set AI free, making it easier to deploy, sustainable, and ready for scale," James Zhang emphasized.

Localizing the Blueprint for Eurasia

James Zhang acknowledged that China's massive digital economy offers a valuable reference blueprint for Eurasia, but ZTE's approach is never about blindly copying a single model. "The answer lies in integrating proven engineering capabilities, ecosystem experience and commercial frameworks with the distinct local needs of Eurasian markets," he explained. Over the past few years, ZTE has already collaborated with China's leading tech pioneers in cloud computing, LLMs, and smart logistics, and has forged a highly resilient ecosystem. In Eurasia, this localized approach is already in action through projects such as the Beeline Bukhara Data Center in Uzbekistan and the AI supercomputing infrastructure at Al-Farabi Kazakh National University. "ZTE brings a proven open ecosystem and a commercially verified TCO methodology. ZTE believes AI must not remain a privilege for a few. They must become inclusive infrastructure that every industry and every user can afford. This is the ultimate meaning of Affordable AI: bridging the divide and empowering all," he concluded.

From Simple Traffic Carriers into Full-domain Orchestrators

In the future, when drones, robots, autonomous vehicles, AI glasses and smartphones interact with each other, they will not simply need traditional data packages. They will need ms-level network assurance, edge computing and AI capability. This means operators will evolve from simple traffic carriers into full-domain orchestrators of connectivity, computing, models, and security. The future business model may include tokens, inference times, model calls, latency guarantees and agent tasks, turning AI capabilities into a new form of "traffic" that is on demand and pay-as-you-go. Therefore, the future value of operators is not only to sell more traffic. It is about becoming the capability orchestration platform and value settlement platform behind the intelligence of everything.

ZTE's Growing Footprint in Central Asia

Beyond the keynote, ZTE has established a substantial presence across Central Asia, contributing to digital transformation in several key areas. In Uzbekistan, ZTE constructed the Beeline Bukhara container data center, the country's first Tier III-certified modular facility. Using standardized container architecture, it reduces deployment time by 60 percent compared to traditional construction and guarantees 99.982 percent availability for finance, government, and cloud services. The facility fills a critical gap in high-availability modular data centers and provides a core computing foundation for the country's digital transformation. In parallel, ZTE has invested in local talent development through a deep partnership with Tashkent University of Information Technologies (TUIT) and other universities, bridging the gap between academic learning and real-world ICT operations. In Kazakhstan, ZTE has delivered a series of transformative projects. In household digitalisation, ZTE partnered with the largest local telecom operator to bring gigabit level speed to hundreds of thousands of families, enabling online education, remote work and 4K video at scale. In mobile networks, ZTE worked with Beeline to modernise the wireless infrastructure, boosting coverage, speed and peak bandwidth by over 35 percent. In the research domain, ZTE built a supercomputing data centre at Al-Farabi Kazakh National University, one of the most powerful in Central Asia, supporting AI research, climate modelling, and the development of Kazakh-language large language models. Through these initiatives, ZTE continues to demonstrate its commitment to building secure, trusted, and inclusive digital ecosystems across Central Asia, helping the region become a benchmark for digital transformation among emerging economies. Contributed by ZTE.

Outlook has an image problem

Outlook is having difficulty with images and sometimes omits them altogether due to a bug introduced in version 2604 Build 19929.20164. Microsoft admitted in a support article that, instead of an embedded image in an email, Outlook might show a placeholder with the error message: "The linked image cannot be displayed. The file may have been moved, renamed, or deleted. Verify that the link points to the correct file and location." Occasionally, it might show nothing at all. The problem is particularly irksome for affected users whose signatures include an image. Where there might be a company logo, there is, at best, an error indicating that something has gone wrong. Microsoft provided some steps to check whether missing images are being caused by the bug, although the process, which involves looking at the source, might be beyond users who are trying to send out a newsletter and wondering where the pictures have gone. Until a fix is issued, the workaround is to "avoid setting images with Wrap Text with Top and Bottom." Only Outlook Classic is affected, and a cynic might wonder if this, and other recent problems such as Quick Steps being grayed out, are symptomatic of Microsoft paying less attention to the venerable email client in favor of New Outlook (or whatever it is being called today). The good news is that, according to Microsoft, "images in the original message should be fine once a fix is released for this issue." However, the bad news is that "Replies or Forwards to these [affected] messages may permanently lack the image because it did not get included." Image handling is basic, and it's difficult to understand how it was missed during testing. We asked Microsoft what happened, but it has not responded. In the meantime, the workaround will suffice. Unless, of course, you work for a business whose logo is a white box with a red cross and what looks like some error text. ®

Techie claims Trump Mobile website was leaking thousands of people's data

The US President’s oft-maligned Trump Mobile venture may be facing another setback after a security buff claims he discovered a now-plugged website vulnerability that he says was leaking what could be tens of thousands of suckers' customers' details. The individual behind the discovery, who goes by "Louis," says he's a self-taught tech tinkerer and described himself as "just a nerd between jobs with too much time on my hands." He reckons the website’s data could be scooped up with a simple POST request. “It wasn't SQL. That wouldn't be as bad,” he told The Register. “It was a really simple HTTP request. POST, and then just asking for the info I wanted, basically.” More than 27,000 people who ordered from Trump Mobile, the President’s all-American smartphone and cell service brand, had their data flimsily secured online, Louis claimed. Louis, a long-serving IT professional who refuses to be called a security researcher, said the types of data he was able to gather included: first and last names, primary addresses, secondary addresses, email addresses, phone numbers, customer/account numbers, "enrollment ID" (pre-order number), and whether the order was placed by phone or online. “I discovered it first by looking into the site to see if I could find how many orders there actually were, and noticing some API endpoints,” he added. “I tried a couple of basic commands, and then it started showing whatever data I wanted. “It was as easy as going to the website and writing a very simple HTTP POST request into the console.” The website flaw only allowed him to return ten customer records at a time, he said, but these records all contained a customer number, which Louis used to loop through them all. In the space of an hour, the method allowed him to access the records of around 5,000 Trump Mobile customers, he claimed. 
After confirming the issue was valid and that all the data his script scooped up was deleted, Louis tried to disclose his findings to Trump Mobile, and anyone else who could take action, but received no response, although someone appears to have fixed the issue. The Register also tried contacting Trump Mobile but similarly received nothing in return. Out of options for disclosure, Louis decided to go public, informing two prominent YouTube creators and known orderers of the Trump T1 phone, Stephen “Coffeezilla” Findeisen and Charles “penguinz0” White Jr., whose respective videos covering his findings have jointly gathered millions of views.

Trump T1 begins shipping

Trump Mobile’s flagship device, the T1 Android smartphone with the gold-colored casing, began showing up at pre-order customers’ doors this week, after originally being slated for an August 2025 release. The brand’s entire schtick since first being announced in June 2025, around the time of a significant escalation in US-China trade war conflict, was that everything was going to be “Made in America.” Early renders of the proposed T1 showed what appeared to be an iPhone-like device – gold-colored, of course – but those who received their orders this week confirm it is just a reskinned HTC U-24 Pro, a mid-range Android from the Taiwanese tech biz which first hit the market in June 2024. The American flag embossed on the back of the device also only has 11 stripes instead of 13, although all the stars are present and accounted for, at least. When the President’s sons launched the Trump Mobile Brand last year, they promised the devices would be manufactured in America, although the company soon dropped this from its marketing. The T1 comes loaded with 512GB of storage, a 120Hz display, a Snapdragon 7 chip, and, of course, Truth Social pre-installed. Customers can order now to lock in what the company calls promotional pricing, picking up the T1 for $499. It is not clear what this may rise to in the future.
You can pick up a standard HTC U-24 Pro 512GB model for roughly the same price, depending on the retailer. ®

Irish Rail writes down €50M after train IT project goes off the rails

4 hours 50 min ago
Irish Rail has quietly written off €50 million on a troubled train traffic management system that now appears headed for the same graveyard as many ambitious public-sector IT projects before it. The State-owned rail operator no longer has confidence the new Traffic Management System can be rolled out across Ireland’s rail network as originally planned, according to reporting by The Irish Times. The system was supposed to modernize how train movements are managed nationwide as part of the wider National Train Control Centre project. Instead, the project has become the latest addition to Ireland’s increasingly crowded museum of expensive state IT mishaps. Irish Rail has now reportedly reduced the carrying value of the asset by €50 million in its 2025 accounts, after years of delays, technical concerns, and apparent doubts over whether contractor Indra can deliver a workable system at all. The system was initially expected to cost less than €20 million and launch last year, before the usual gravitational forces affecting large public sector IT projects took hold. The controversy quickly landed before Ireland’s Public Accounts Committee, where lawmakers sounded distinctly unsurprised to discover another large public-sector technology project eating tens of millions of euros. John Brady, chair of Ireland’s Public Accounts Committee, called the situation “quite simply unbelievable” and questioned how the project had been allowed to “slowly drift, with more and more public money being spent every single day.” Brady also warned the failure could have broader implications for Ireland’s rail expansion plans, raising “massive questions about the governance, ministerial oversight and financial control in place on the project.” Aiden Farrelly, an Irish Social Democrats politician who sits on the PAC, said the debacle created “a growing sense of Groundhog Day” around Irish public sector IT projects. 
“While more information has yet to emerge about this specific case, it’s fair to conclude that, when it comes to IT projects, the State simply can’t manage them,” Farrelly said in a statement. Farrelly also called for greater involvement from Ireland’s Office of the Government Chief Information Officer, arguing the agency should play a more hands-on role overseeing major state technology projects rather than leaving accountability entirely to individual public bodies. Meanwhile, Sinn Fein’s Pearse Doherty called the writedown a “national scandal” and accused the government of treating taxpayer money “as if it were Monopoly money” during a heated Dáil exchange. The Public Accounts Committee is now expected to summon Irish Rail, the National Transport Authority, and government officials for further questioning over the potential collapse of the project. The timing is awkward for Ireland’s broader rail expansion ambitions, which already face mounting scrutiny over costs, delays, and delivery risks across projects including MetroLink, DART+, and the perpetually delayed Navan rail line. ®

Vibe-coded solutions arrive for problems nobody has

5 hours 24 min ago
EPISODE 10 Sigh. The Boss has written an app and is quite pleased with himself. The higher-ups are even more pleased because it apparently saves us money. They're so pleased, in fact, they're mandating that it be installed on Company phones. The Boss writing an app in the first place is a red flag so large it could claim a world record, but it gets worse as he wants us to help sell it to the plebs. The PFY and I aren't having a bar of it as there's a fair chance that he's reinvented the wheel – after making it "better" by removing all those pesky curved bits. I've deliberately not asked to look at the source code, as I expect it'll be 40,000 lines of improvised (not interpreted) BASIC. "I used AI to make it," the Boss offers. Ah. Initially I'd thought the Boss must've watched a bunch of YouTube videos on programming, but I now realize that his laziness gene kicked in early and he's been "vibe-coding." The horror! I upgrade my mental picture from "blind leading the blind" to "incompetent leading the blind – through a minefield. In the dark. On pogo sticks." "It's got AI in it!" the Boss whines, after the PFY and I express our doubts. "So have the words failure, and painful, and brainless," the PFY points out. "Maybe, but this is the perfect synergy of..." "Salt and vinegar?" I suggest. "What?" "Perfect synergies – a prime example of which is salt and vinegar," I reply. "Or muesli on ice cream," the PFY adds. "I mean new synergies," the Boss chips back. "Ah, like salt and vinegar crisps and marmalade sandwiches?" I ask. "What?" "They're surprisingly good," I say. "I MEAN the new synergies of artificial intelligence, deep technical knowledge, and plain language," he blathers. "You realize that the synergy of deep technical knowledge and plain speaking is essentially what AI claims to be? After you add a layer of obscurity, some hallucinations, and a touch of mental illness, that is." "No, this is an app to help you in the workplace." "Help me in the workplace, how?" 
I ask. "Does it tell me which windows have faulty safety catches?" "No, this is an app for everyone." "Ah, so it's an app to warn people about windows with faulty safety catches?" "No! Say you're new to the Company but you don't know, I dunno, where the paper is for the photocopier," the Boss says. "I think the first problem you'd have would be finding a photocopier. All we have are multifunction printers." "Alright then, you need to find paper for the printer – but you don't know where it is." "The printer or the paper?" the PFY asks. "Why would you need paper for a printer if you didn't know where the printer was?" "I ask myself these questions daily," the PFY sighs. "Anyway, the paper's in the cupboard beside the printer." "Well, what if there wasn't any paper in the cupboard beside the printer?" "Then it would be in one of the cartons of paper, which are beside the cupboard, which is beside the printer." "What if there wasn't any?" the Boss snaps. "There's always paper there. Sometimes five or six cartons." "WHAT. IF. THERE. WASN'T?!" "You'd ask the office admin person." "WHAT IF YOU ARE THE OFFICE ADMIN PERSON? And you've just started, and the printer's out of paper." "Oh, right. So... you'd use the app?" I ask. "YES! YOU'D USE THE APP. It'd tell you where the storeroom is, and you could get some paper. It might identify the best type of paper to use for the photoco- PRINTER that you have, and, maybe, suggest that you pick up a spare toner cartridge if your printer was running low." "So the app is able to remotely check on printer toner levels?" I ask. "No, it would suggest you pick up a spare cartridge if the printer was low." "How would you know if the toner was low if you'd just started?" the PFY asks. "When you don't know where the printer is?" I add. "You'd ask the app how to tell if it was low. It could talk you through how to check your particular printer." "So... the app will know where your printer is?" the PFY asks. 
"THE APP WILL HELP YOU WITH YOUR PRINTER, WHEN YOU FIND OUT WHERE IT IS!" the Boss snaps. "Ah right, now I'm with you. So, to clarify: you've written an app which will suggest you check the toner of a printer – that you have to find – which is out of paper – that you have to find – because you're a new office admin person. It's a little... niche... for an app, don't you think?" "NO!" the Boss blurts, maybe a touch frustrated. "It's an app for everyone." "But most people already know where the printer and paper are." "That's just one example of what it might do. It might, I don't know, explain how to use the air conditioning system based on the current environment and include tips on how to use it most efficiently for power consumption. It could maybe teach you how to choose a complex password to meet our security policy. Maybe it could highlight better travel options to get to work." "OK, I get it. You've invented a mansplaining app." "No! This app is good for everyone!" "So you keep saying. But the theory behind any good app is that it gives you some competitive advantage – an advantage that would be lost if everyone had the app." "How do you mean?" "Like the app the PFY wrote." "What does it do?" "If I told you, he might lose his competitive advantage." "Well, I'll ask him then." ... It's amazing how quickly the PFY can vibe-code a faulty window safety catch app. There might be something in that AI stuff after all...

Burnham backlash: UK Digital ID plans in peril if Manchester mayor succeeds Starmer

6 hours 9 min ago
The government’s plans to introduce digital ID could be put in doubt if Andy Burnham, who spoke out against the scheme last September, replaces Keir Starmer as the UK prime minister. The Greater Manchester mayor told a session at the UK's Labour party conference in Manchester last autumn that he opposed digital ID given the problems the previous Labour government he had served in had experienced with ID cards. “I think there’s a risk of an opportunity cost situation here, where something can consume a huge amount of time and actually doesn’t come through,” he said. “And that will be the lesson about 2005 to 2010 Parliament; it consumed a lot of air time and it didn’t actually materialize.” ID cards did actually materialize – with 13,200 produced before the scheme was scrapped. In fact, the Home Office used Manchester as a testing ground for the scheme. Burnham helped to sell it when he was a Home Office minister in 2005-6, telling the BBC that compulsory national ID cards would be “a major breakthrough” in tackling identity fraud. On 19 May 2026 Burnham was selected by Labour to fight the Parliamentary seat of Makerfield in a by-election in June. It would be a surprise if the party had not chosen him, given the former MP Josh Simons stood down to provide Burnham with the chance of returning to Parliament and then challenging Starmer as Labour leader and UK prime minister. Until February, Simons was the minister responsible for Starmer’s digital ID plans. He resigned after his decision to commission a probe into journalists who had written critical articles about the think tank he ran, Labour Together. To return to Westminster, Burnham will have to win a by-election in a constituency where Nigel Farage’s Reform party won more than half of the votes in local council elections earlier this month. The area also voted 65 percent in favor of leaving the European Union (EU) in 2016’s Brexit referendum. 
Burnham is already playing down his previous support for the UK to get closer to the EU as he starts campaigning. If he wins both Makerfield and then convinces Labour MPs to make him their leader, would he follow through on his comments of last September? Burnham has been known to change his views but if he got to be prime minister, dumping a policy introduced by his predecessor would suggest he was making a fresh start. Digital ID is also opposed by other parties, including Reform, so dropping it would remove a point of difference and could tempt some voters back to Labour. On the other hand many Labour MPs like the policy, and it is their collective call as to whether Burnham becomes prime minister if he can win Makerfield. In the House of Commons on 15 January, then minister Josh Simons made a statement on digital ID in answer to an urgent question from Conservative MP Mike Wood. Responding, Wood told the Commons: “In September, the prime minister tossed this mandatory digital ID on to the table as a classic dead cat distraction, purely to keep Andy Burnham off the front pages as the Labour party conference started.” Wood’s statement was feisty enough for the deputy speaker to mutter “Someone’s had their Weetabix.” But there would be some symmetry if Prime Minister Burnham scrapped a scheme that was supposedly introduced to distract attention from him when he was just the mayor of Greater Manchester. ®

UK nuclear investors get 'high' returns for lower risk than consumers, who also foot the bill

6 hours 54 min ago
The UK’s £38.2 billion (c $51 billion) Sizewell C (SZC) nuclear reactor is set to offer investors high rewards for little exposure to risk, while the consumer will see a £19 ($25.50) annual hike to their bills, according to a public sector spending watchdog. A report from the National Audit Office on plans for building the second in a new generation of nuclear power plants — Sizewell C in Suffolk — finds that the current estimated impact on consumers “relies on some big assumptions” about the chance of further cost increases. Gareth Davies, head of the NAO, said: “Sizewell C forms a significant part of the government’s plan for a secure and affordable clean energy supply. There has been a concerted attempt to learn from the problems of previous nuclear power construction projects and other large infrastructure schemes. This has resulted in a novel financing structure and DESNZ will need to monitor the risks to taxpayers and billpayers closely.” Construction started in April 2024, although the Department for Energy Security & Net Zero (DESNZ) did not finalize its deal to complete the build with French energy firm EDF until July 2025. The government chose to create a joint venture company — Sizewell C Ltd — with DESNZ taking a minority stake and private investors, including EDF, taking the lion's share. The government’s National Wealth Fund will provide £36.6 billion (c $49 billion) in finance, while £5 billion will come from commercial lenders. The project plans to keep costs down by learning lessons from Hinkley Point C (HPC), which is expected to start generating electricity in 2030 after originally targeting 2025. In addition to the delays, costs have climbed to £35 billion from an initial estimate of £18 billion. The mammoth building project is part of the government's plans to meet rising demand for electricity — not least from datacenters and electric vehicles — while achieving its targets for reducing greenhouse gas emissions and reaching net zero. 
The government expects SZC to power the equivalent of 6 million homes for at least 60 years. Even though the Sizewell C company claims its build plans benefit from delays to Hinkley Point C, and will cost less to build, consumers may still end up paying more for the electricity the new plant produces because Hinkley Point C's "price was set before its cost overruns and SZC is affected by the rise in borrowing costs since then,” the NAO said. Part of the build cost will come from an increase in household electricity bills of £4 in the current financial year, rising to a peak of £19 to £21 a year in the first decade of the plant’s operation. The government admits that electricity from SZC will be more expensive compared with other forms of renewable generation, but it argues there is an overall benefit in the mix of supply. Solar and wind power are cheaper on the face of it, but they are also unreliable, creating hidden costs in balancing the energy grid. “DESNZ’s modelling shows lower total system costs with SZC. This is because intermittent renewables require additional transmission infrastructure, reserve generation capacity, and other balancing services, which those standard generation cost metrics do not capture,” the report said. The NAO points out that the current estimated costs rely on some “big assumptions.” At the same time, private investors' exposure to risk is not balanced with their rewards. A "government support package" provided by DESNZ includes contractual commitments that limit risks to private investors of cost overruns and certain unlikely but high-impact risks. This means private investors share construction risk with consumers and taxpayers but are exposed to “tail‑end” scenarios above the higher regulatory threshold, in a deal designed to attract private investors. 
“The sharing of risk with the taxpayer and consumer appears to have reduced the cost of financing the project, but the rewards for investors still appear high, given their limited exposure to project risk. The extent to which investors will be incentivized to control project costs in the way DESNZ assumes is unclear,” the report said. Only future generations may discover whether the project is worth it in the end. “The modelled benefits only start to outweigh those costs after 2064,” the NAO said. ®

Marketing demanded IT add website feature that was already working

8 hours 53 min ago
ON CALL Welcome to another edition of On Call, The Register's weekly reader-contributed column in which you share your stories of absurd tech support situations. This week, meet a reader we'll Regomize as "Hamish," who told us that a couple of years ago he worked at a British retailer where the company's website manager – a member of the marketing team – came up with a brilliant idea that was bound to boost sales: adding Apple Pay to the company's website. Management approved the idea, which duly landed on Hamish's desk – and confused him enormously because the website already offered Apple Pay. Hamish had two pieces of evidence to prove this fact. One was that when he visited the website, he could see an option to pay with Apple Pay. The other was that he worked for the company during the initial push to enable Apple Pay and remembered the project well. He was pretty sure several of his colleagues would remember it too because they worked in management or marketing at the time and did some of the work! Hamish nonetheless went along with the request by chatting with colleagues in IT and the company's finance team, who confirmed that Apple Pay was indeed up and running, and even sending money into the company's coffers. That ruled out the possibility that the site was buggy in some way Hamish had missed, and meant the next step was to ask the website manager why she didn't think Apple Pay was already available. Hamish said the marketer told him she couldn't see Apple Pay as an option when she visited the site. To prove it, she whipped out her Android phone. "It turns out that everyone who thought this was a brilliant new idea and who had bothered to look at the website had done so without using an Apple device," Hamish told On Call. The company's site was therefore not only Apple Pay-enabled, but also capable of detecting users' devices and dynamically presenting relevant payment options. Hamish isn't sure he handled this situation correctly. 
"Maybe the IT team should have waited a week, said the work was done, and scored bonus points for a speedy delivery," he mused to On Call. "Instead we used the opportunity to show how unaware senior people were of their own pet projects." Have you been asked to fix something that works, or implement something that's already in place? If so, here's something else that already works – clicking this link to send your tale to On Call so we can consider running it on a future Friday. ®

Cisco used AI to write security incident reports, with mixed results

9 hours 46 min ago
Cisco tested AI’s ability to write an accurate report on a tabletop security incident response exercise, and found that while the tech can save time, many risks remain. The networking giant revealed its results in a Thursday blog post (https://blogs.cisco.com/security/ai-generated-reporting-lessons-learned-from-talos-incident-response) by Nate Pors, a senior incident commander in the Cisco Talos Incident Response team. Pors opened by observing that when used to generate long-form technical content, large language models can deliver “significant inaccuracies, unusual conclusions, and inconsistent writing styles.” LLMs make those mistakes because they’re essentially a fancy autocomplete system that makes educated guesses. Pors wrote that the nature of LLMs therefore sees them mess up in four ways:

- Using different data for each query, which means it’s “difficult to rely on an LLM for repeatable, standardized research outcomes.”
- Reaching different conclusions from the same data. “In a data breach scenario, a model might suggest a full organization-wide password reset in one instance and a targeted reset in another,” Pors wrote, and AI then “often defaults to whichever recommendation it generates first” – and may therefore give bad advice.
- Because LLMs generate content token-by-token, they can create documents with different structure and formatting on each new run. “This unpredictability is problematic for professional environments where standardized layouts, such as consistent executive summaries or recommendation sections, are essential for quality control,” the Talos man observed.
- AI can discard data, so its output might ignore critical information.

Talos developed several techniques to stop this sort of thing happening. 
One involves giving an LLM “granular, single-task instructions” that focus on “a specific, small portion of the report.” Doing so means “risk of hallucination or cross-contamination between sections is significantly reduced.” Telling an LLM which sources to use also helps. So does setting rules about the style and format of output. Using those techniques, Cisco says the time required to draft an incident report based on a tabletop exercise fell by 50 percent. "A blind test of the sample report in our quality assurance process showed no noticeable drop in overall writing quality," Pors wrote. "The peer reviewer, professional editor, and management reviewer all made complimentary comments about the report while unaware that it was AI-generated. The peer reviewer commented that the incidence of typos and grammatical errors was far lower than in the average report." But the Talos team also found “editing multiple sample reports within a single session resulted in cross-contamination of content from one report’s source material to another, even if the notes used to generate the first report were deleted from the project’s reference documents.” The researchers therefore recommend starting a new session, and re-entering prompts, for each new incident report. They also developed a spelling-and-grammar-checking prompt that “hallucinated numerous grammar issues … failed to identify actual issues,” had a success rate below 50 percent and “would behave inconsistently, sometimes catching issues and sometimes overlooking them. “It is currently unsuitable for production use,” Pors concluded. Pors said Cisco concluded that its approach “could be adapted to any cybersecurity reporting use case with standardized inputs and predictable outputs," but also warned authors must "take ownership of every word of the final report." "While testing, we found that the LLMs generated recommendations that were duplicative, irrelevant, or not actionable. 
If this were used in a production environment without manual checks, it could result in poor-quality recommendations in a final report." Those problems arose when considering a tabletop exercise, a far simpler affair than analysis of an incident that involves analyzing log files from multiple systems. ®

Alibaba just admitted it’s struggling to keep up with rival chipmakers and AI shops

12 hours 45 min ago
Chinese tech giant Alibaba has revealed a new accelerator and accompanying rack-scale server rig without offering much detail about their performance – and also admitted it’s only been able to make chips in trivial quantities. The new chip is called the Zhenwu M890, and comes from Alibaba’s semiconductor design business T-Head. Neither company has said much about it other than stating it includes 144GB of on-chip memory, possesses “800 GB per second of inter-chip bandwidth” and natively supports precision formats from FP32 down to FP4. The Chinese giant didn’t offer any info about performance other than to say it delivers “three times the performance of its predecessor, Zhenwu 810E.” Based on the specs of the old and new devices, we think the M890 might give Nvidia’s 2024-vintage H200 a run for its money. That means the most interesting figure in Alibaba’s announcement is 560,000 – the number of Zhenwu chips Alibaba says T-Head has made to date. By way of contrast, Nvidia says AWS alone will rack and stack one million of its GPUs this year. AWS’s spending on AI infrastructure is at similar levels to Microsoft, Meta, and Google, so it’s conceivable that Nvidia will make and sell three or four million GPUs to satisfy those four customers alone. Alibaba’s announcement doesn’t offer any information about production volumes for the M890. The company did talk up the machines the M890 will run inside – a new beast called the Panjiu AL128 Supernode Server Alibaba described as “a rack-scale system that packs 128 AI accelerators into a single unit and delivers petabyte-per second internal bandwidth … designed specifically for the concurrency patterns that agents generate: unpredictable, high-frequency bursts of inference requests that overwhelm conventional compute clusters.” It seems Alibaba intends racks packed with M890s plus Panjiu AL128s to handle agentic workloads. 
T-Head has also created a new networking chip called the “ICN Switch 1.0,” which we’re told “delivers up to 25.6 Tbps of aggregate bandwidth and enables congestion-free communication across clusters of 64 accelerators.” Those are specs that Broadcom and Nvidia reached years ago. Alibaba’s chips therefore deliver performance that leaves its cloud well behind its western competitors, which would be a problem if its Chinese peers were buying kit from Nvidia. But despite the US lifting export restrictions on some advanced AI hardware, Beijing has not let local buyers acquire any: Nvidia recently told investors it doesn’t expect to win any revenue from China for the foreseeable future. Chinese hyperscalers haven’t announced capex spending at anywhere near the levels of their American rivals. Perhaps we now know why: T-Head can’t get a lot of gear made, probably because accelerators like the M890 require an advanced semiconductor manufacturing process that Chinese companies can’t access from offshore fabs due to US sanctions. Chinese fabs can’t yet match the prowess of TSMC, the source of most high-end GPUs. So how are China’s tech giants meeting demand? We’ve previously covered attempts to smuggle Nvidia parts into China and Bloomberg yesterday reported Taiwanese authorities have cracked down on GPU smugglers. We’ve also seen suggestions that Chinese companies send storage devices across borders to move data into facilities that have Nvidia kit waiting to run training workloads. ®

Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund'

Thu, 2026-05-21 23:03
Democratic lawmakers on Thursday blasted President Trump’s spending priorities – specifically a proposed $1 billion White House security and ballroom project and a nearly $1.8 billion “slush fund” for Trump allies tied to the January 6 Capitol riot – as his administration pushes deep cuts to cybersecurity funding. US Representative Delia Ramirez (D-IL) decried the president's priorities as Congress weighs reauthorization of the State and Local Cybersecurity Grant Program (SLCGP), a funding effort that began in 2022 and earmarked $1 billion to state and local governments over the next four years to help mitigate cyber risks. "Budgets are moral documents, and spending a billion dollars on a ballroom, which is what the president wants, or $1.7 billion to incentivize insurrectionists while we still are waiting for the reauthorization of this critical grant program, says a lot about where priorities are right now with this administration," she said during a House Homeland Security subcommittee hearing on state and local cybersecurity. Another Democrat on the committee, Rep. James Walkinshaw (D-VA), noted the US Cybersecurity and Infrastructure Security Agency (CISA) also eliminated federal support for the Multi-State Information Sharing and Analysis Center (MS-ISAC), which used to provide free and low-cost threat detection and response services to state and local governments. The MS-ISAC has since shifted to a fee-based model to support the state threat sharing program. This means, as expert witness Samir Jain, VP of policy for the Center for Democracy and Technology, testified, “jurisdictions that most need the help are least likely to be able to afford it. Smaller jurisdictions, because if they don't have the resources and the money to join the ISAC, they probably also don't have the resources and the money to buy equipment, to buy network monitoring tools, to have cybersecurity staff. 
It's the ones who need it the most are the least likely to be able to get it as a result.” Walkinshaw also pointed out that CISA’s 2025 budget was about $3 billion. President Trump proposed slashing the cyber-defense agency’s spending by $707 million in 2027, to just over $2 billion. This is on top of the $135 million in cuts to CISA, along with about a third of its workforce (close to 1,000 people) since Trump returned to office. “So we are looking at a one-third cut in federal funding for cybersecurity,” Walkinshaw said. “If President Trump gets his way, we'd be spending a billion dollars for the ballroom and $1.8 billion for the January 6 slush fund – $2.8 billion just on those two items, $800 million more than his total commitment to cybersecurity.” Meanwhile, other expert witnesses who testified before the committee, all IT and security chiefs from Tennessee, New York, and Florida, implored the lawmakers to spend more – not less – on state and local infosec. “State and local governments operate critical systems that citizens rely on every day, including emergency services, schools, utilities, courts, and public infrastructure,” Tennessee CIO Kristin Darby told lawmakers. “Those systems are increasingly targeted by criminal organizations and nation-state actors,” she said, adding that “demand for cybersecurity support far exceeds the current funding levels.” As AI-enabled attacks, ransomware infections, and cloud-based system intrusions accelerate across Tennessee, “many local governments across our state have little or no dedicated cybersecurity staff,” Darby continued. 
“This creates a dangerous imbalance between highly sophisticated attackers and severely resource-constrained defenders.” New York state director of security and intelligence Colin Ahern urged lawmakers to “reauthorize and fully fund the state and local cybersecurity grant program, which is the single most consequential investment in the cyber protection of state and local governments in this country.” He also advocated for frontier-model AI access for state and local governments, which are tasked with protecting the power grid, drinking water supply, public health systems, and other critical operations. “We cannot do that while frontier defensive AI capabilities are restricted to federal partners and a handful of large enterprises,” Ahern said. “Cybersecurity is the silent partner of democracy,” he continued. “When the utilities, school districts, and state and local governments that constitute the operational fabric of American life are hollowed out by cyber attacks, the institutions that support our democratic life are hollowed out with them.” ®
Categories: Linux fréttir

Google explains how it will infuse ads into AI answers

Thu, 2026-05-21 21:16
Google’s AI-powered transformation of its search engine will give the mega company a more captive audience than ever before - and what better way to turn those eyeballs into cash than by serving up new forms of AI-powered ads? Announcements out of the Chocolate Factory’s I/O AI fest continued Wednesday with the premiere of what the company called “a new generation of ads” tailor-made “for the AI era of Search” that it decided you definitely need earlier this week. As we mentioned in our earlier I/O coverage, Google announced what Search VP Elizabeth Reid called the “biggest upgrade in over 25 years” to Google Search. Those changes center on pushing Gemini 3.5 Flash deeper into Search and AI Mode, giving the engine the ability to “anticipate your intent” and surface more detailed AI-generated responses. That doesn’t mean AI Mode is being made the default, mind you. Google told The Register that standard search engine result pages are still going to be the default for anyone doing a typical Google search, though AI responses will be served alongside results, we’re told. Any web search that returns an AI Overview, on the other hand, will include an option to follow up with the Overview in AI Mode, and AI Mode with rich content input can be selected from the Search box as well. It’s here that Google’s beefing up its AI, letting it do the searching for you and surface whatever it’s been programmed to prioritize in a manner designed to keep you from clicking away, enabling Google to hand you more profit-generating content … er, helpful results. Those results will include “more helpful ads,” which will come in two varieties: Conversational Discovery ads, and Highlighted Answers. Regarding the Conversational Discovery ads, Gemini’s responses to specific questions will build ads “tailored to that search, highlighting specific relevant features.” Google cites the example of someone searching for a way to make their house smell fresher. 
Results for such a search could recommend deodorizing your house using, say, a $1 box of baking soda mixed with water or a simple 1:1 vinegar/water mix - or it could tell you how much you need a $20 reed diffuser, electric wax melter, or some other expensive product Google’s getting paid to flog. Highlighted Answers, on the other hand, means “highly relevant, high-quality ads are eligible to appear” on lists of recommendations delivered by AI Mode. What meets that threshold wasn’t mentioned, but Google told us that it’s using similar standards to its existing ad filtering, and the same auction mechanics to get the ads in front of eyeballs. Brands approved for Highlighted Answers will have their recommendations inserted into the end of AI Mode results, Google explained. The feature is currently in testing, with Google telling us it wants its placement to feel natural and add value to users' searches. Of course, just because the standard Google Search mode isn’t going away, contrary to the panic that Google’s announcements triggered this week, that doesn’t mean Google isn’t stuffing more AI ads into those results, too. AI-powered shopping ads that use Gemini to “pull up your most relevant products and instantly write a custom explainer highlighting why your product may be the right choice” are coming to Google’s standard search results pages in the coming months, as is the ability to “put a smart brand agent right inside your ad.” Those ads, for example, could be a chat window that provides answers on the content of a website, Google explained, “turning a practical interaction into a valuable lead.” Google said that it’s also expanding its Direct Offers program that allows retailers to offer user-tailored discounts and offers on products purchased via Gemini, giving brands more ways to motivate consumers to buy whatever they’re flogging without customers ever leaving Google’s ecosystem. 
Businesses that want to use these new AI advertising features will be encouraged to build campaigns around Google’s AI Max and Performance Max ad tools, naturally ensuring the Chocolate Factory keeps collecting its cut as it pushes advertisers deeper into the AI era of Search. Google assured us that people actually do want this, and that they really are gravitating toward AI experiences delivered through Google, even though they’re not always optional. The Chocolate Factory further told us that, despite ads featuring prominently across its various AI tools, ads never impact organic results. They’re just buried behind an ever-growing wall of AI schlock one has to weed through to find actual search results, and now even more ads. ®
Categories: Linux fréttir

Threat hunters find Google API keys still usable 23 minutes after deletion

Thu, 2026-05-21 20:23
You know your Google API key has leaked so you rush to disable it before bad actors can start running up charges on your account. Bad news: According to security researchers at Aikido, people can use the API keys for up to 23 minutes after a user deletes them, creating a window of opportunity that, when combined with Google’s automatic billing tier upgrades, can devastate victims. “We've identified a substantial window where an attacker with access to a leaked Google API key can continue to misuse that credential, after the user believes the key is revoked,” Joseph Leon, a security researcher with Aikido, told The Register. “In that window, an attacker could run up charges, pull sensitive files uploaded to Gemini, and exfiltrate cached context.” Aikido tested the gap during 10 trials over two days. In each trial, researchers created an API key, deleted it, and then sent three to five authenticated requests per second until no valid response came back for several minutes. The deletion of a Google API key propagates gradually across Google's infrastructure, he said, so there is a gap between when a user deletes the key and when it can no longer be used. Some servers reject the key within seconds while others keep accepting it for 23 minutes. What this means is that an attacker holding a deleted key can repeatedly send requests until one reaches a server that has not caught up, Leon said. If Gemini is enabled on the project, they can dump files that were uploaded and exfiltrate cached conversations. The paper cited a similar problem researchers disclosed in December involving AWS keys. In that case, after deletion, attackers had a four-second window to exploit, and researchers showed how they could create new credentials in that time. “Four seconds was enough to matter on AWS,” Leon wrote in the paper. 
“Given recent attention to Google API keys used to access Gemini, we set out to measure how long Google's API key revocation window remains open.”

Flaws can hit devs with huge surprise bills

The Register has reported numerous cases of Google API key abuse in which developers are suddenly hit with five-figure bills after their credentials are compromised. The problem was compounded in April after Google reworked its billing policy to include spending tiers for users. While developers initially thought of it as a way to limit costs, Google automatically upgrades that spending tier to the next highest level without their knowledge. For users who have been working with Google for more than 30 days and have spent more than $1,000 over the lifetime of the account, their cap can be increased from $250 to $100,000 if their usage spikes – a windfall for crooks if the credentials fall into the wrong hands. Developers whose Google API keys were stolen told The Register that their bills rocketed up to five figures minutes after their credentials were stolen, as bad actors loaded up on Google’s Gemini models such as Nano Banana and its video production model Veo 3. Google issued refunds in the three instances that The Register brought to its attention, returning $154,000 to those developers. The victims told The Register that, during the attack, they were frantically trying to shut down the spending and turn off access to their projects even as costs climbed by thousands of dollars. Leon said in cases where a Google developer tries to shut off access to their account, deleting the API key will still give crooks time to inflict damage. “It's hard to put a dollar figure on it,” Leon told us. “The window averaged 16 minutes in our testing and stretched to nearly 23 at the worst. During that window, the success rate is wildly unpredictable. We saw minutes where over 90% of requests still authenticated, and others where fewer than 1% did. 
An attacker who knows this can send requests at high volume to maximize their odds of hitting a server that hasn't caught up. For Google API keys with Gemini access, the damage isn't just a compute bill. It's the files and cached context an attacker can exfiltrate before the key actually dies.” Using VMs, Aikido tested its findings across three Google Cloud regions – east coast US, western Europe, and southeast Asia – then spot-checked those results on different dates. For each trial, Aikido deleted a single API key and sent requests from each of the three VMs in parallel, Leon wrote in the paper. “VMs further from the US picked up the deletion faster, which is the opposite of what you'd expect. We can't say exactly why from the outside. Google's request routing is more complex than ‘VM region equals server region,’ and a VM in Singapore isn't necessarily talking to servers in Singapore,” the paper states. “But the pattern was consistent across trials, which points to something about regional infrastructure, caching, or routing affinity driving the difference.” The trial used keys with access to Gemini, but he observed the same behavior with keys scoped to other GCP APIs, such as BigQuery and Maps. Google has built faster revocation for other credential types, Leon said. He said Google’s service account API credential revocations propagate in about 5 seconds. Gemini's newer API key format – the one that starts with AQ – propagates in about a minute. “Both run at Google scale. Both suggest this is technically solvable for Google API keys, too,” Leon wrote. But Google told Aikido it has no plans to address the 23-minute gap researchers found with its other API keys. “After reviewing our report, they closed it as ‘Won't Fix (Infeasible)’ with the comment ‘the delay due to propagation of the deletion of these keys is working as intended,’” Leon told us. The Register has reached out to Google about this research, but has not yet received a response. ®
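A defender-side check implied by the Aikido methodology, added here as an example that is not Aikido's or Google's code: after deleting a leaked key, keep probing with it at the few-requests-per-second rate the trials used and treat the credential as dead only once rejections have persisted for a quiet period, so the incident is not closed while stale servers still accept it. The `StaleFleet` backend, its delay values and the placeholder key are constructed for offline use; against a real endpoint, `send` would wrap a cheap authenticated request and return whether it succeeded.

```python
"""Verify that a deleted API key has really stopped authenticating. Added example
(not Aikido's or Google's code): keep sending cheap authenticated requests with the
key, as the Aikido trials did, and treat it as dead only once rejections have
persisted for a quiet period. The endpoint is pluggable; StaleFleet is a
constructed offline model of eventually consistent servers, not real Google behaviour."""
import time
from typing import Callable, Dict, List

def probe_revocation(send: Callable[[str], bool], key: str, *,
                     quiet_seconds: float = 180.0, interval: float = 0.25,
                     max_seconds: float = 1800.0,
                     clock: Callable[[], float] = time.monotonic,
                     sleep: Callable[[float], None] = time.sleep) -> Dict[str, object]:
    """Poll send(key) (True = request authenticated) at ~4 req/s until no request
    has authenticated for quiet_seconds; window_seconds is the offset of the last
    accepted request. Gives up with verdict 'undetermined' after max_seconds."""
    start = last_ok = clock()
    sent = accepted = 0
    while True:
        now = clock()
        if now - last_ok >= quiet_seconds:
            verdict = "revoked"
            break
        if now - start > max_seconds:
            verdict = "undetermined"  # stale servers still accepting; keep mitigating
            break
        sent += 1
        if send(key):
            accepted += 1
            last_ok = now
        sleep(interval)
    return {"verdict": verdict, "window_seconds": last_ok - start,
            "sent": sent, "accepted": accepted}

class StaleFleet:
    """Constructed model with its own fake clock: requests round-robin over servers
    that each learn of the deletion (at t=0) only after their own delay in seconds."""
    def __init__(self, delays: List[float]) -> None:
        self.delays, self.calls, self.t = delays, 0, 0.0
    def now(self) -> float:
        return self.t
    def sleep(self, seconds: float) -> None:
        self.t += seconds
    def send(self, key: str) -> bool:
        delay = self.delays[self.calls % len(self.delays)]
        self.calls += 1
        return self.t < delay  # still accepting until this server catches up

def simulate(delays: List[float], quiet_seconds: float = 180.0,
             max_seconds: float = 1800.0) -> Dict[str, object]:
    """Probe a StaleFleet whose slowest server lags by max(delays) seconds."""
    fleet = StaleFleet(delays)
    return probe_revocation(fleet.send, "placeholder-deleted-key", quiet_seconds=quiet_seconds,
                            max_seconds=max_seconds, clock=fleet.now, sleep=fleet.sleep)
```

Running `simulate([5, 60, 900, 1380])` models servers catching up after 5 s, 60 s, 15 min and 23 min; the probe reports a 1379.75 s window, which is why "key deleted" alone should not end the response before billing caps and project access have also been locked down.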
Categories: Linux fréttir

Npm registry sets stage for more secure package publishing

Thu, 2026-05-21 19:54
GitHub's npm package registry has rolled out a publishing approval step to prevent the distribution of compromised packages before they can poison the software supply chain. Modern software development relies on imported bundles of code known as packages (and sometimes libraries or modules). In the past decade or so, miscreants have focused on gaining access to the accounts of package maintainers. Subverting a widely used package offers a fast track to malware distribution. Last December, amid the Shai-Hulud 2.0 campaign that compromised software packages, GitHub described a series of planned security measures intended to harden security for npm package publishers. One of the measures, staged publishing, has now been implemented. GitHub on Wednesday merged npm stage into npm CLI (v11.15.0) and has updated the registry documentation that describes the process. Staged publishing might also be called gated publishing – it requires a project maintainer to approve changes to a package that has been staged for release. It's been under discussion since 2020. "Instead of publishing directly with npm publish, you can submit packages to a staging area with npm stage publish," the documentation explains. "A maintainer must then review and explicitly approve the staged package — with two-factor authentication (2FA) via the CLI or npmjs.com — before it becomes publicly available." This process should have particular value for automated workflows, which typically don't include a way to authorize via 2FA. Automated workflows often rely on tokens for authentication, but these can be copied and stolen. Tokens that remain valid for long periods of time become attractive targets for cyberattackers. That's why GitHub did away with long-lived classic tokens and encouraged the use of short-lived session tokens and permission-limited access tokens for automation. 
GitHub's discontinuation of classic tokens hasn't gone all that well because short-lived tokens tend to expire at inconvenient times – no one likes having to regenerate tokens every 90 days or less and then go through the reconfiguration process. Staged publishing should make it easier for developers to set up maintainable workflows without burdensome re-authentication rituals. It gives package publishers the option to stage their package via automation and to delay the 2FA approval for publishing at a later date. GitHub offers trusted publishing as a way to establish trust between npm and the developer's CI/CD provider using OpenID Connect (OIDC) authentication. The OIDC mechanism still doesn't work when trying to publish a package for the first time, but together with staged publishing, the software supply chain looks a bit more defensible – so long as developers avail themselves of these tools. ®
Categories: Linux fréttir