The Register

The patient tally from the Synnovis ransomware attack continues to grow two years later, with Mid and South Essex NHS Foundation Trust confirming it was caught up in the breach. The trust told The Register that the Synnovis breach affected about 2,380 records relating to patients who underwent specialist diagnostic testing. The disclosure follows a similar announcement by Bedfordshire Hospitals NHS Foundation Trust, which earlier this month said that almost 33,000 patient records had been caught up in the same breach. According to Mid and South Essex, some of the compromised data cannot yet be directly linked to individual patients, meaning the trust is still unable to determine the final number of people affected. It also said the precise time period covered by the stolen records has yet to be established, although patients tested after June 3, 2024, the day of the attack, were not affected. "We are still waiting for confirmation on exact numbers," Dawn Scrafield, deputy chief executive of Mid and South Essex, told The Register. "Once we have established who those patients are, we will be in contact with any who have been affected." The disclosure highlights the drawn-out fallout from the attack. Synnovis told us it completed its forensic review by the end of last summer and said it had notified all affected organizations by November. However, Mid and South Essex said it was only informed in December 2025 and is still trying to work out exactly which patients are tied to the compromised records six months later. "Any decision on patient notification, including the number of patients to be notified, is made by the affected organization as part of their assessment," a Synnovis spokesperson said in a statement. "Synnovis, as the Processor of the data, is not involved in any of the assessments regarding if, when or how many patients a Controller determines necessary to notify." The company said it does not believe the stolen information presents a high risk to individuals because of its fragmented nature, but acknowledged that affected organizations are still assessing what was taken and whether patients should be contacted. The breach was one of the most disruptive cyber incidents ever to hit the NHS. The Qilin attack crippled pathology services across south east London, forcing hospitals to cancel thousands of appointments and operations while clinicians struggled with delays to blood testing and transfusion services. Patient data was later published online after the gang's extortion attempt failed. However, the fallout wasn't limited to canceled operations and delayed blood tests. Last year, King's College Hospital NHS Foundation Trust confirmed that delays caused by the outage contributed to the death of a patient, marking one of the first officially acknowledged fatalities linked to a ransomware attack. ®

At the beginning of last year, the UK government was riding high in its first term, having swept to power the previous July. It wasted no time making bold claims: publicly funded services, including the NHS, local councils, and central government were missing out on a potential £45 billion ($55 billion) in productivity savings due to outdated or poorly used technology. To tackle these issues, Peter Kyle, the then Technology Secretary, promised "digital tools, AI and common sense to overhaul public sector technology – so it saves money, treats people with respect, and just makes sense." It was barely 18 months ago, yet everything seems so different: for the government and its digital strategy. Last week, the House of Commons' Science, Innovation and Technology Committee (SITC) named the £45 billion figure as an example of minister-led hype that undermines, rather than boosts, efforts to make the public sector more effective and efficient with digital technologies. The committee said hype represented "overly optimistic projections" that could affect the government's ambitions. Having apparently swallowed a tech vendor slide deck in one mouthful, the government had already claimed its £45 billion saving figure – between 4 and 7 percent of public sector spending – "could be achieved through full potential digitization of public sector services… [through] process simplification, AI-driven automation of manual tasks, greater availability, adoption of low-cost digital channels and reduced fraud through compliance automation." However, as The Register has already reported, others were much more skeptical. In October last year, Nick Davies, programme director at the Institute for Government, said the figure was a "huge amount, given that most of what government is spending on is either salaries or is on different kinds of infrastructure." He pointed out there was a huge difference between productivity improvements – making services better with the same spending – and cashable savings. "There is certainly a kind of inefficiency, duplicative spending across the public sector that you could spend more effectively, but without knowing more about where that £45 billion comes from, it's harder to say," he said. The problem of hype is far from new, and does not belong solely to the Labour government. In 2018, when the Conservatives were in power, the government promised a "tech revolution is coming to the NHS." The "vision" was designed to create a modern tech architecture to underpin a new generation of digital services. Two years after it began, that NHS digitization strategy still had no implementation plan and risked repeating the UK health service's legendary IT failures, according to a report from the Public Accounts Committee (PAC). It said the NHS should urgently publish a detailed plan describing how it aims to meet its ambitions for transforming digital services. "Without a proper implementation plan, the [government] cannot be sure that the £8.1 billion of taxpayers' money being invested in the digital transformation programme will deliver value for money," said the parliamentary watchdog. The government's latest plans for digital savings underscore how dangerous hype can be. The government's "estimate that the digitization of public services could deliver an annual saving of £45 billion is worryingly optimistic. While assumptions are an unavoidable part of economic projections, hyperbole diminishes the case for change," the parliamentary report said. "Optimistic projections and messaging… undermine the credibility of the government's arguments, confuse and demoralize civil servants and encourage the belief that over-optimism, rather than achievement and honesty, will be rewarded," the report said. A government spokesperson responded by claiming digital platforms were already making a real difference to public services, noting that the Roadmap for Digital Government, launched earlier this year "sets out a detailed programme of reform with clear milestones and ongoing progress tracking already in place." "We welcome the committee's report and will consider its recommendations carefully," the spokesperson added. The government said it has clear metrics to help show whether delivery is leading to real improvements, focusing on outcomes. An official said it is using the best available data to understand how services, capability, and performance are changing and it plans to publish regular updates. However, the committee criticized the government's decision to publish its "roadmap" as a website rather than the usual command paper, as it "allows updates to be made without triggering GOV.UK alerts, which limits the extent to which the government can be held accountable for its delivery." The report said: "An example of how DSIT's priorities had changed since the publication of the blueprint came in April 2026 when the Minister for Digital Government and Data confirmed that internal pilots of in-house productivity tools had been paused after they had been 'superseded by more modern, widely available platforms,' without specifying which ones." Hype is not the only threat to progress in improving digital government. Legacy systems were also in the crosshairs of the SITC report. It said "a lack of authoritative data on legacy systems across the public sector was a significant issue," four years after the previous administration promised to do just that – with a shared spreadsheet. The committee also named vendor lock-in as a barrier to progress, citing concerns about the dominant position held by AWS and Microsoft, as well as controversial contracts with Palantir. Again, this is not a new challenge. Hype, however, might be the easiest to fix. Moving away from legacy systems is complex, and escaping vendor lock-in takes time. Avoiding overinflated expectations? Even a politician could do that. ®

OPINION The US government is reportedly weighing whether to take a financial stake in AI companies, which looks a bit like negotiating for a seat on the Titanic. Neither OpenAI nor Anthropic, the marquee brands in US AI, are profitable yet. While Anthropic may be nearer to that point if its accounting survives scrutiny, OpenAI's $1.4 trillion in financial commitments over the next eight years have been interpreted as a red flag for investors. This raises (at least) two questions: Should the US government be picking winners? And should the US government be picking losers? The first question appears already to have been decided. As noted by the US Council on Foreign Relations, since January 2025, the feds have invested $20.9 billion in sixteen deals that involve direct ownership. This represents a change from more hands-off financial arrangements involving grants, loans, and tax incentives. The Department of Commerce, for example, has taken a 10 percent stake in Intel, once a symbol of American technical prowess and now a national security backstop. The Development Finance Corporation had invested in minerals, energy, and infrastructure. And the Department of Defense has undertaken at least seven similar deals. Neoliberal US notions about competition and the separation of church, state, and private industry have succumbed to the new world disorder. When economists from Harvard and Yale looked at the issue in a 2021 paper titled "The Dance Between Government and Private Investors: Public Entrepreneurial Finance around the Globe," they were cautiously optimistic. Authors Jessica Bai (Harvard), Shai Bernstein (Harvard), Abhishek Dev (Yale) and Josh Lerner (Harvard) looked at 755 entrepreneurial finance policies in 66 countries during the period from 1995 to 2019. They concluded that "government funding programs are associated with subsequent increases in innovation," as measured by "top patents." They offered some caveats, such as the observation that "government programs frequently rely on private capital markets through capital matching requirements, where private capital groups are often allowed to invest in more preferential terms than the public funds." And they also noted that economists have long recommended government investment in response to market failures – areas where private funding has chosen not to invest, presumably due to the uncertainty of returns. A recent example of that would be the US Commerce Department's decision to invest $2 billion in quantum computing in exchange for a minority controlling stake in nine technology companies. Pure-play quantum computing companies like D-Wave, Quantinuum, IonQ, and Rigetti Computing are not making a profit. But concern that quantum computing might some day do meaningful computing not possible with classical computers is enough to keep the funds flowing for now. The US government's reported interest in AI companies might be interpreted in a similar light, as a bailout for companies that have committed to spend heavily on data centers before demand has been demonstrated and pricing has stabilized. With OpenAI and Anthropic preparing to go public, the White House would do better to wait before placing its bet. OpenAI CEO Sam Altman is said to have pushed for federal investment last year but publicly repudiated the idea after CFO Sarah Friar suggested federal loan guarantees. If the feds were to buy into OpenAI, the deal might take the form of a public wealth fund – so the public would receive revenue from intellectual property that AI firms have captured and are reselling. US Senator Bernie Sanders (I-VT) last week said he planned to introduce a bill called the American AI Sovereign Wealth Fund Act. Funded by a one-time 50 percent tax paid in AI company stock, it would give the public a say in how AI is used and a portion of the revenue generated by AI companies (which, again, follows from the largely uncompensated capture of public content). Meanwhile, the White House last week issued an executive order directing "the national security enterprise to accelerate AI adoption to meet surging demand, adapt the best commercial and open-source technologies for mission use, assure that fielded systems are robust, steerable, controllable, and preserve clear lines of accountability under the Constitutional chain of command." And the order promises "new partnerships with willing private-sector companies to secure America’s cutting-edge AI against global threats." Buying into these companies doesn't make a lot of sense if they can deliver on their promises at a viable price. The market would ensure plenty of good options for federal procurement. But if leading AI models are priced like Claude Mythos, reported to run $25 per million input tokens and $125 per million output tokens, or about 5x Opus 4.8, there may be some concern that leading edge AI will be too costly for much of the market. Uber's $1,500 monthly token spending cap per employee AI tool suggests companies won't reward the AI industry for over-investing. If cutting-edge AI is going to be priced out of reach for most industries and if it really can accomplish things that lesser models cannot, the case for federal involvement gets stronger. It would be a shame if the feds rewarded OpenAI and its peers with taxpayer money because that would reward fiscal irresponsibility and hinder startups hoping to innovate. Worse still, it would commit funds prematurely and unnecessarily for some notional national security edge that's razor thin and is being dulled by evolving open weight models and foreign model providers. The jury is still out – there are at least 115 lawsuits against AI companies – on whether there's a broad, sustainable market for AI services outside of software development and perhaps a few other knowledge work markets. The government should wait for the courts, the public, and the market to weigh in before riding to the rescue. ®

At its 2026 Worldwide Developers Conference, Apple offered a vision of how to integrate AI with its products that stands out for its sobriety, responsibility, and plausibility. In contrast to the job-killing, security-breaking, human-replacing hype promulgated by the likes of Anthropic and OpenAI, company execs dialed down their usual superlative-laden effusiveness to convey how AI tools can actually help software developers, as well as those using Apple products. Capabilities like Safari's Notify Me – website change notification – and the browser's low-code extension creation service called Describe an Extension look like solid uses for machine learning technology. Part of Cupertino's more modest marketing may be attributable to the crow that the company has eaten as a result of underperforming AI. But it also fits with the lack of sizzle in the company's three areas of focus: platform improvements, child safety enhancements, and Apple Intelligence. Platform improvements like 30 percent faster app launches, Photos loading that occurs 70 percent faster, and a more efficient CPU Scheduler aren't exactly the sorts of features that marketing departments know what to do with, even if they deliver noticeable user experience improvements. And Child Safety, while welcomed by some and politically expedient at this moment in time, is fundamentally about limiting the use of Apple products rather than expanding it. That leaves Apple Intelligence, which has underdelivered since its introduction in 2024. "Rebuilt from the ground up, Apple is trying to make AI feel native, useful, and invisible across the devices people already use every day," said Francisco Jeronimo, IDC VP of client devices, in an email to The Register. "This matters because the winning AI experience for consumers will not be the loudest or most technically complex. It will be the one that understands context, respects privacy, works reliably across apps, and reduces friction without forcing users to change behaviour." Much of the developer keynote focused on improvements to Siri, now rebranded Siri AI, which will reach the general public when the v27 of Apple's various platforms drop this fall. Apple developers can now access better versions of these releases. But beyond the claim that Siri is now fit for purpose, the presenting Apple execs managed to highlight the company's substantive advantages in terms of privacy, integration, and cost. And they made a good pitch for developing AI applications on Apple platforms, and for using the Swift programming language to do so. "Today, many AI providers talk about privacy, but by default, most of them retain your personal interactions, leaving the onus on you to defend your privacy," explained Craig Federighi, Apple's SVP of software engineering. "Like using temporary chats, deleting conversations, or even turning off entire features. At Apple, we believe privacy in AI is non-negotiable." While Apple has overpromised on privacy in the past – describing privacy as a human right and then treating it as a government-granted perk – the company's AI privacy story, centered around Private Cloud Compute, has been compelling enough to prompt Google to copy it. Anyone developing applications with AI tools should be thinking about data security and data privacy. Cloud-based AI models can easily capture sensitive data. Apple is offering developers the ability to use its Foundation Models framework – based on Google's Gemini model family and newly multimodal – on-device or in Private Cloud Compute, while also allowing integration with cloud-based model providers and custom models where necessary. What's more, it is doing so in a way that respects the reality of software development – not all developers can risk wiring their app to a costly AI API (e.g. Claude or Codex) that might produce AI bills above and beyond app revenue. So Apple is making the Foundation Model framework available on Private Cloud Compute with no cloud API cost for devs who have yet to make it big. "Developers with fewer than two million first time App Store downloads will be able to use Apple Foundation Models running in Private Cloud Compute with no cloud API costs," said Joshua Shaffer, senior director of software at Apple, during Apple's Platforms State of the Union presentation. "It's access to frontier level intelligence with unparalleled privacy protections. Because getting started, exploring ideas shouldn't be held back by infrastructure costs." Or by infrastructure barriers. One of Apple's advantages is its control of both hardware and software. And the company is making use of its technology stack to solve the context problem. AI models perform better when they have access to contextual information. Because that information is commonly siloed by application boundaries, permissions, and other sorts of controls, developers may not be able to provide AI services with enough useful information. Apple has announced both enhancements to existing technologies and new ones to help make contextual information more accessible to AI models and to improve AI-oriented development. For example, Spotlight, Apple's on-device search indexing service, has been rewritten to suck less – it has a long history of spotty service, requiring users to remove their storage device and re-add it to trigger re-indexing. What's more, Spotlight has been integrated with Siri in hopes that it will make the service more effective at finding files and surfacing relevant data in apps to inform AI queries. Apple's Xcode 27 sports various improvements, though the most notable change arrived in February, when Xcode 26.3 added support for Anthropic's Claude Agent and OpenAI's Codex. That list has now been expanded to include Google's Gemini and agent customization. The IDE's integration with AI coding agents is a meaningful improvement because Xcode can be rather daunting and complicated for those who aren't veteran Apple platform developers. Being able to ask an AI agent to identify some small configuration stumbling block is a welcome change. The App Intents framework has been extended to help developers make better use of Siri AI capabilities through personal context understanding, access to app actions, and onscreen activities. There's also a new Core AI framework, "a modern, memory-safe Swift API that lets you load, specialize, and run AI models entirely on-device, keeping user data private and your apps responsive, with zero server dependencies and zero token costs," as Apple puts it. If frontier model leaders like Anthropic and OpenAI continue to raise prices, Apple's local model story is likely to look more and more compelling. ®

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and cryptocurrency - and this one doesn't even involve embedding IT workers at high-profile tech giants. A previously unseen phishing crew, suspected to have DPRK ties, sent more than 250 emails to people working in almost 100 organizations, mostly based in the US, over six weeks in April and May. According to security sleuths, it is yet another digital-heist attempt designed to steal cryptocurrency wallets and developers’ credentials. Proofpoint threat researchers spotted this campaign and tracked the digital thievery as UNK_DeadDrop. Like earlier phishing expeditions from the Norks, including the Contagious Interview campaign, this one uses developer recruitment or code review lures to target victims, primarily in technology, education, business services, and financial services, and ultimately steal credentials and cryptocurrency. In another common tactic seen with DPRK-linked credential-stealing activities, the lures attempt to send victims to attacker-controlled GitHub repositories hosting malicious scripts that execute cross-platform malware across macOS, Linux, and Windows machines. “However, there are several differences between the activity sets, such as the shift in social engineering from arranging fake interviews to unsolicited job offer or code review approaches as well as the move from delivery platforms such as LinkedIn to email,” researchers Saher Naumaan and Carlos Rubio said in a Monday blog, citing other differences between UNK_DeadDrop and Contagious Interview. “Based on the use of email for initial access, the high volume of emails, industrialization and scale of repository creation, a new self-contained payload, and distinct infrastructure from previous Proofpoint observations of Contagious Interview campaigns, Proofpoint Threat Research continues to track UNK_DeadDrop activity as an independent cluster,” the researchers wrote. Full-stack engineer wanted The attacks begin with an email that looks like it originated from a real company, with job offers for developer roles including “Full-Stack Engineer” or “Agent Lead Developer” positions. Proofpoint caught the crooks spoofing a handful of companies to send these emails from attacker-owned sender domains including: Ondo Finance: a decentralized finance (DeFi) platform Empower Pharmacy: a pharmaceutical company NXLog: a log collection and centralization tool OnePlan: a strategic portfolio and work management platform Hypen Connect: a Web3 and AI Talent Agency Valon: a mortgage service provider Nourish: a telehealth company The emails contain links to GitHub repos disguised as coding assignments or cryptocurrency-related projects - part of the phony job application process. All of the emails instructed the target to clone the repository and open it in a code editor like VS Code or Cursor. Proofpoint’s report lists all 10 repositories, all focused on four themes - cryptocurrency platforms, exploit archives, Foundry testing, and AI payments - and all hosted by different GitHub accounts, so be sure to check out the vendor’s list. In May, the attackers switched tactics and began sending victims requests for peer reviews on open-source projects, with a potential job offer based on the fixes. These emails purported to come from cryptocurrency trading or prediction companies, including Pulsynk and Trixauvex. Another UNK_DeadDrop campaign in late May targeted finance and technology companies, requesting recipients to test an ERC-4626 vault in Foundry, a toolkit for Ethereum and smart contract development. In all of these instances, when the victim opens what they believe to be a legit repository folder in an integrated development environment, a pre-configured task silently executes and triggers a platform-specific loader that decodes embedded payloads on whatever system the developer uses, working across Linux, macOS, and Windows machines. The loader installs a malicious VS Code extension (VSIX) masquerading as a legitimate Google service. Every time the user opens the code editor on macOS or Linux, the VSIX extension activates, and relaunches the infection-chain if it’s not already running. The persistence mechanism doesn’t work on Windows machines, however. After installing VSIX, the infection chain looks different, depending on what platform the target uses. The Linux and macOS attacks use a native Go binary that connects to the command-and-control (C2) infrastructure as a persistent remote access trojan (RAT). The Windows chain, however, runs a Node.js pipeline inside the editor's Electron process. Both use the same C2 infrastructure and exfiltration endpoints. Linux, macOS backdoors The Linux and macOS binaries are based on the open-source Overlord C2 framework - this is a legitimate red-team tool that automates covert infrastructure setup and management, and orchestrates post-exploitation activities. This, of course, also makes it a very handy tool for attackers. For this campaign, the North Koreans added three custom modules: browserlogin (Chrome and Firefox credential theft), companywallet (crypto-wallet stealer and exfiltration), and cleanup (anti-forensic removal of workspace artifacts). On macOS, Overlord first collects wallet extension data, browser profile artifacts, and standalone wallet directories, compressing them into a ZIP and uploading them to the C2 server. Five minutes later, the malware moves on to credential theft, using a second embedded Mach-O binary that displays a fake system dialogue and prompts the user to enter their password. The Overlord process validates the credentials, and assuming they are legit, the malware modifies keychain access-control lists across Chrome, Brave, Edge, Opera, Vivaldi, Arc, Yandex, and other Chromium-based web browsers, before extracting Safe Storage keys and sending all of the stolen goods - collected credentials, Safe Storage keys, and keychain data - to the attacker-controlled server. The backdoor also re-launches itself as root, using the stolen password. The Linux malware follows a similar pattern, first scooping up wallet-related data and sending that via ZIP to the C2 server before moving on to credential theft. It, however, uses Zenity, a standard GTK dialog tool, to create a prompt and collect victim credentials. This backdoor attempts to steal passwords from GNOME Keyring by spawning Python 3 processes for each browser, and ultimately re-launches itself as root using a swiped password. Windows attacks Windows attacks run entirely as JavaScript inside the editor's Electron process, which appears as Code.exe in Task Manager. The malware first steals wallet info, targeting 35 wallet extension IDs (MetaMask, Phantom, Rabby, Keplr, and others), 18 standalone wallet applications (Exodus, Electrum, Ledger Live, Monero, Solana CLI, Bitcoin, and others), and Firefox profiles. Next, it installs Python and executes a stealer (detect_malware.py) for each browser profile that collects a ton of credentials across Chromium and Firefox browsers, steals cookies from Chrome/Edge/Brave and uses COM Elevation Moniker to access credentials across these browsers protected by App-Bound Encryption. It also attempts to read locked databases using five cascade methods, and ultimately uploads all the secrets to the same endpoint before terminating. “UNK_DeadDrop activity suggests North Korea-aligned operations targeting developers for financial gain are maturing and evolving,” Naumaan and Rubio wrote. “The shift from active social engineering over social media platforms to conduct fake interviews to large campaigns of recruitment-themed phishing emails distributing links to malicious repositories could indicate an actor industrializing and scaling operations.” ®

Apple is turning parents into a corporate IT help desk, with rigid new monitoring and compliance tools for their children’s iPhones and iPads that will prompt for mom and dad's approval each time their kids visit a new website or want a new app. Apple's new trust and safety features for kids and teens will also automatically block nudity and gore from appearing on apps, even during live Facetime calls, while giving parents more control over the amount of time their tots spend glued to Cupertino’s OS. Apple execs stated that that kids and teens use their phones and iPads to build independence, nurture creativity, and enhance learning, without mentioning the hours of mind numbing short videos fed to tots by social media algorithms. But the new iOS has a way to limit that as well. “This year we’re taking a big step, expanding our child safety features, and empowering our child safety features with powerful and intuitive tools,” said Craig Federighi, senior vice president of software engineering. Apple’s child account feature already blocks adult websites, but now it can control what kids can see, who they can talk to, and when they can use the device, and it gives guidance for parents while setting up the permissions. With Ask to Buy, a setup assistant prompts parents through a configuration that decides which apps kids can access. It also means parents are the gatekeepers for all apps a kid wants to download. So every time a kid sees an app their friends are using, parents can expect a call or text to add the app to the “allowed’ list. Apple also introduced what it calls Ask to Browse, so when kids navigate away from trusted sites, parents will also need to authorize those trips. Once the new iOS is available this fall, parents can control their kids’ chats and calls, with parental approval needed before any new contacts are able to communicate via the child’s phone. Additionally, Apple will scan media inside messages to check for nudity or gore and automatically blur the image. However, in the demonstration during the WWDC keynote, it appeared to also contain a permission that says “Are you sure” with an option to then unblur the image. With Time Allowances, Apple divides entertainment, games and social media into distinct categories, and offers recommendations to set a maximum daily allotment for each. In their demonstration, entertainment and games were each recommended for one hour, while social media was limited to 30 minutes. Parents will also be able to control when certain apps are available, so that if a child has their phone in school, some apps will not be accessible. The new OS will also give parents the ability to pause all phone use, allow unlimited use, and see how much time their kids have spent on which apps. Apple’s VP of Health Sumbul Ahmad Desai said the goal is to protect the time children need away from phones for school, sports, sleep, and socializing. Apple said all of its updates were designed with input from child health organizations including the American Academy of Pediatrics, Childnet, ConnectSafely, Family Online Safety Institute, and Common Sense Media. Along with Microsoft and Disney, Apple is a top sponsor of the non profit, Childnet. Apple also is listed along side Google, Meta, Discord, and Snap as supporters of ConnectSafely. Apple said it is working with the American Academy of Pediatrics to adapt the family media guide it created into a plan Cupertino can use. ®

Apple’s revamped artificial intelligence stack and a revamped Siri were front and center at Monday’s WWDC keynote, making it clear that, this time around, it’s do or die for Apple AI. The keynote itself and the announcements that followed were all about Siri and Apple Intelligence, with platform improvements and child safety updates a blip in the hour-long broadcast. Given the relentless industry hype around AI and Apple's missteps there so far, no one should be surprised. Apple Intelligence itself is a two-year old AI effort that fell so flat that it led to a lawsuit arguing Apple lied to the public about Siri’s capabilities, ostensibly granted by Apple Intelligence features. According to the lawsuit, Apple Intelligence, and the Siri improvements it was supposed to bring, were just an excuse for Apple to sell new iDevices that it claimed were the only ones able to support the new features. Unsurprisingly, Apple is taking a page out of Google’s playbook. The company did sign a massive deal with The Chocolate Factory earlier this year to make Gemini the foundation of its new foundation models, which Apple highlighted early in the keynote address. Yes, it's calling its new Apple Intelligence models its own foundation builds, but Google Gemini was cited as being a core part of its own AI development in recent months. Apple AI can now do things that Android devices have had for some time, like understanding image, voice, and text context, and can turn things like Safari extension development and Shortcut building into natural language processes. Siri itself, as the communication front-end for Apple Intelligence, has been renamed "Siri AI" and is getting a standalone app a la Gemini. It can now have back-and-forth conversations, and the like, and all of a user’s conversations and requests synced to their iCloud account to make them accessible across devices. A new preview page has the full rundown, but suffice to say if you’ve used a Google-branded Android device with a modern version of Gemini built in ,you’ll be familiar with most of what Apple came out with. It’s not groundbreaking or game changing, but it is a bit of feature parity that Apple has failed to keep pace on since the original Apple Intelligence disaster. This time around, Apple made it clear from the start that it's rolling out Apple Intelligence features and Siri upgrades to devices that already exist, so please don’t rush out and spend money and then sue ‘em when you’re not happy. Sure, some of its top-tier on-device AI features are going to be limited to the iPhone 17 line, iPhone Air, iPad M4 or later, and Mac M3 or later (12GB of memory minimum for covered iPads and Macs), but the rest of the features are available on older devices. By older, we mean the iPhone 16, iPhone 15 Pro/Pro Max series, iPad Mini A17 Pro, and iPad and Macs with an M1 or newer, so not that old – but at least you don’t need new hardware to use the AI and Siri improvements on the iOS 27 series. That said, Siri isn't shipping with the iOS 27 dev beta that dropped today – you'll have to join a waiting list. And advance apologies to European iUsers: Siri AI isn't coming to the EU quite yet, with Apple blaming the Digital Markets Act, saying that Brussels "did not accept any of Apple’s proposed solutions to bring Siri AI to the EU while safely supporting other virtual assistants." This opportunity comes once twice in a lifetime These new AI features will actually need to deliver on what Apple promised back in 2024, with potentially damning consequences if it fails again. Not that Apple hasn’t been trying to repair its reputational dent: The company shuffled its AI leadership in the wake of the 2024 Apple Intelligence failure earlier this year, with Apple AI chief John Giannandrea replaced by ex-Google Gemini chief Amar Subramanya. Overall AI direction was passed off to SVP of software engineering, Craig Federighi, earlier this year too. Federighi’s going to have a lot to answer for if this goes wrong. Most important, there's a new boss in town – this was longtime CEO Tim Cook's last WWDC keynote before former hardware engineering chief John Ternus takes the reins this fall. Cook had a tremendously successful tenure at Apple from an operational and fiscal perspective, but the company didn't innovate as significantly under him as it did under Steve Jobs' second go-around, and Ternus has a huge opportunity to position Apple as the more human face of technology in general, and AI specifically, once again. Analysts were optimistic about Apple’s AI and Siri revamp announcements, but also retained a bit of caution. Francisco Jeronimo, IDC’s VP of client devices, described WWDC 2026 as a credibility test for Apple AI. “Apple does not need to win AI by having the biggest model or the loudest demo,” Jeronimo said in emailed comments sent to The Register. “It needs to make AI trusted, useful, and invisible across the ecosystem.” Jeronimo believes Apple has done that based on what he saw during the keynote, calling attention to the company’s mention of private cloud and on-device AI as an attempt to improve AI trust, and interaction with Apple’s various operating systems as a way to make it a seamless part of the iExperience. “Apple didn't come out with every possible AI/smart assistant feature,” IDC research director Ramon Llamas added, pointing to the lack of agentic AI announcements. “But it did highlight that it intends to be a major player.” Other analysts similarly praised the announcements for showing that Apple isn’t chasing the hot new AI trends and is focusing on things that’ll actually be useful for its users, changing Apple’s ecosystem for the better by trying to blend AI into everything users do on its devices, and making AI feel private and useful for mainstream users. One word kept coming up alongside the accolades, though: “if.” Apple has left industry watchers skeptical, in other words. No pressure, but Apple’s near-term success or failure appears to be entirely in the hands of Subramanya, Federighi, and their teams. With the developer betas of iOS, iPadOS and macOS out now, the next few days will be big ones for Apple and its hordes of fans. ®

Check Point released an emergency fix on Monday for a critical authentication bypass vulnerability affecting its Remote Access VPN and Mobile Access deployments - but attackers, including ransomware criminals, got a month-long head start. Attacks against the bug, tracked as CVE-2026-50751, began on May 7, according to Check Point VP of research Lotem Finkelstein, and picked up in early June. The security software vendor spotted suspicious activity and began investigating the zero-day on June 4, Finkelstein said in a Monday blog. “We have observed indications that exploitation has been limited to a relatively small number of targeted organizations (several dozen globally), primarily over the past few days,” Finkelstein wrote, adding that, in at least one case, investigators observed post-compromise activity associated with a Qilin ransomware affiliate. This same ransomware scum is also likely exploiting other VPN-related vulnerabilities in Palo Alto Networks, Fortinet, and F5 products, Finkelstein said. CVE-2026-50751 is due to a logic-flow weakness in the Remote Access and Mobile Access certificate validation process, and it allows remote attackers to bypass authentication and establish a remote access VPN connection without a user password. It affects Mobile Access/SSL VPNs, Remote Access VPNs, and Spark Firewalls configured to use the deprecated IKEv1 key exchange protocol. While investigating CVE-2026-50751 and affected VPN components, Check Point found another vulnerability, CVE-2026-50752, in its Security Gateways and Spark Firewall products. It’s due to a bug in the certificate validation logic of the deprecated IKEv1 key exchange method, and can lead to man-in-the-middle attacks on the VPN site-to-site configuration. Check Point says that it hasn’t received any reports of in-the-wild exploitation of CVE-2026-50752. Check Point urges customers running vulnerable gateways and firewalls to apply the hotfixes, and the vendor also provided alternative mitigation options with instructions in the security advisories. The software provider also published a list of indicators of compromise, including attacker IPs, and recommends customers search Check Point SmartConsole logs for possible VPN certificate authentication attempts associated with observed attacker infrastructure and certificate subject names for at least May 7 through June 5. ®

UBUNTU SUMMIT Canonical is still experimenting with the format of the Ubuntu Summit series of free conferences, and its most recent instance, the 26.04 edition, was a primarily online event. There was a small in-person invited audience, which by our informal estimate was about half the size of the one at last October's edition. The event opened with a keynote from Canonical founder Mark Shuttleworth, and his opening sentence set the tone for much of what would follow: The agentic revolution will touch every aspect of human endeavor. We take that to mean the use of LLM "agents" to develop software, translate between human languages and from speech to text, and so on. For all that this vulture might personally dispute just how revolutionary this is, there were some 21 full-length talks over the two days of the summit, and about half of them were about AI, or at least touched upon the subject. Shuttleworth's keynote also contained the biggest Canonical product announcement of the event: the new Workshop sandboxed LLM development environments (at the 20-minute mark in the video above). Workshop uses Canonical's LXD "containervisor" and snap packaging to make it easy to install and run LLM agents, while keeping them isolated in sandboxes so that they can only access specific limited resources in that user's home directory. For instance, they can access the machine's GPUs and nominated local files, while being walled off from personal data such as stored credentials. As Shuttleworth put it: You can run random code, from the internet, on your laptop, without handing it root. Canonical also announced Workshop online the same day, with a collection of documentation already available, including a tutorial. Workshop is an open source project with the source code on GitHub. Later that day, engineering manager Dmitry Lyfar gave a talk on the new tool, titled Introducing Workshop. Shuttleworth's keynote was followed by another by VP of engineering Jon Seager. As we reported last month in our article on AI integration into Ubuntu and Fedora, Seager recently published a blog post about the company's AI intentions. In his keynote, Seager said that this post had been "SEO'd to death," but he too devoted a substantial part of his talk to AI, saying: Ubuntu can't be in the conversation about AI and open source unless it has a position and a stake. Seager also spelled out some of what this will mean, from small feature improvements such as improving auto-focus in webcams and making power management more intelligent, to more significant features. He called out accessibility as a key area for investment and improvement. He said that "existing Linux screen readers suck" – harsh, but not entirely unfair – and that there is "so much room for improvement" in that area. He continued that the plan is "to enable speech-to-text everywhere in the desktop," but said "AI is transformative for people with disabilities" and that the company soon hopes to preview the "first AI-powered context-aware desktop features." In case, this sounds niche or unimportant, it really isn't. Speech-to-text is a vital tool for people with physical impairments that make typing difficult. This vulture has written at length about the importance of keyboard user interface design, as well as about how few Linux desktops fully and correctly implement it, leaving Apple with a significant edge in this area. As it happens, this author is a keyboard-intensive user with relatively poor eyesight, so this matters to us. Register accessibility columnist Colin Hughes has written about the importance of speech-to-text UI. For now, Linux's usability in this area is much poorer, and as Wayland displaces X11 from the big-name desktops, it's about to get a lot worse, as the recent blog post from "nocoffei" describes: My Accessibility Stack and the future on Wayland. "nocoffei" links to the same series of blog posts by TapType developer Aaron Hewitt that we did back in March, under the collective title "I Want to Love Linux. It Doesn't Love Me Back." We recommend them again: Built for Control, But Not for People: Linux is already broken before you even start The Audio Stack Is a Crime Scene: You can't hear anything – and it's not your fault Interlude – A Thank You, Where It's Due: This is what it looks like when people care In part 4, he takes a surprising new direction: Wayland Is Growing Up, And Now We Don't Have a Choice: The future is Wayland. Let's make sure we're invited. In that, he reports on significant strides in keyboard-driven accessibility for blind users with GNOME on Wayland – but as nocoffei's post spells out, that is no help to those who can see fine but can't type. If the integration of AI into Ubuntu can address this or improve on the current situation, that will go further toward ameliorating this vulture's deep skepticism about the viability of LLMs than anything else. Bootnotes Canonical invited The Register to attend the Summit in person, and paid for our travel and accommodation during the event. Indeed, if you look closely at the 30-second mark of the highlight reel – it's only 50 seconds long, so it's not too arduous – you can see The Reg FOSS desk's hands typing away industriously into Logseq. Back in April 2023, severe injuries from a road traffic accident very nearly cost the author one of those hands, which is part of the reason for his interest in accessibility tools – as well as the reason for the MacBook Air visible in that video, into which his articles were dictated for the next few months. On the subject of AI integration into desktop distros, it's interesting to note that since we wrote about AI tooling in Fedora a month ago, there has been considerable pushback from the user community, and two committee members have changed their votes to oppose it. ®

At the recent TNB Energy Transition Conference, ZTE showcased an integrated portfolio of digital utility, Artificial Intelligence (AI), and intelligent infrastructure technologies. The display highlighted how advanced connectivity and digitalization can support the evolving needs of modern power utilities while driving Malaysia's broader energy transition ambitions. The technologies presented by ZTE encompassed a broad range of digital utility and intelligent infrastructure solutions designed to support the evolving needs of modern power systems. These included Digital Utility Solutions that demonstrate global best practices in utility digitalization and smart grid communications, AI-driven platforms that enhance operational intelligence and predictive decision-making, as well as integrated grid connectivity technologies that enable secure, resilient and wide-area communications for critical utility operations. The showcase also featured Smart Energy Innovations that apply AI technologies to energy optimisation, forecasting and sustainability initiatives, alongside Next Generation Optical Transport Networks that provide secure, high-capacity backbone connectivity for digital utility infrastructure. Collectively, the integrated technologies demonstrate how intelligent digital infrastructure can help utilities improve operational visibility, strengthen grid resilience, enhance efficiency and support more advanced energy management capabilities. The solutions are aligned with broader digital utility transformation efforts, including initiatives undertaken by utilities such as Tenaga Nasional Berhad (TNB), by supporting capabilities such as real-time monitoring, operational efficiency, enhanced visibility of network performance and intelligent utility management. Liu Bang, Managing Director of ZTE Malaysia, said: "These technologies demonstrate how AI-driven platforms, intelligent connectivity, and optical transport networks can support the future of digital utilities and smart grid development." "Through our collaboration with Tenaga Nasional Berhad (TNB) on selected technology initiatives, ZTE continues to contribute its expertise and innovation capabilities. We remain committed to supporting utility digitalization and Malaysia's broader energy transition aspirations," Liu added. In addition to its digital utility and intelligent infrastructure solutions, ZTE also showcased its latest mobile gaming devices, demonstrating the company's continued innovation across both enterprise and consumer technology segments. Among the devices on display was the nubia Neo 5 GT 5G, an affordable gaming smartphone equipped with a built-in cooling fan designed to maintain performance during extended gaming sessions. ZTE also presented the REDMAGIC 11 Pro, its latest flagship gaming smartphone featuring an advanced liquid cooling system and an under-display front camera design that delivers a true full-screen gaming experience without a visible camera cut-out. The devices reflect ZTE's broader commitment to technological innovation across communications infrastructure, artificial intelligence, digital utilities and next-generation smart devices. Beyond the technologies presented during the conference, ZTE has participated in technology validation and assessment activities relating to smart metering communication solutions. These activities have provided valuable insights into the performance, reliability and applicability of the technology within utility operating environments. Aside from that, the readiness of ZTE's local delivery and technical support teams, together with ecosystem partners, will support long-term utility digitalization initiatives across Malaysia. As the country advances its National Energy Transition Roadmap ("NETR") ambitions, ZTE believes intelligent utility technologies will play an increasingly important role in accelerating Malaysia's energy transition by enabling accurate metering, improving operational transparency, strengthening grid resilience, and supporting more efficient energy usage. The technologies are also expected to support TNB's broader AMI ambitions, while enabling future smart energy applications such as rooftop solar integration, EV charging optimization, and demand-side energy management capabilities for households and businesses. Through continuous innovation and strategic collaboration, ZTE aims to support utilities in building intelligent, scalable and resilient infrastructure capable of supporting the future demands of the energy sector. Contributed by ZTE.

The devil may wear Prada, but soon Moon-bound astronauts will be sporting unmentionables from the high-fashion brand. Okay, to be honest, Prada hasn’t actually designed haute-couture Italian astronaut underthings for casual rocket missions so much as its existing collaboration with Axiom Space has been expanded to include a base layer for the Axiom Extravehicular Mobility Unit (AxEMU), which the pair announced in 2024. One can’t be caught in an unfashionable Liquid Cooling and Ventilation Garment (LCVG) inside a fashion house EVA suit, after all. Axiom rolled out the LCVG in New York City over the weekend, describing it as the companion piece that future NASA Moon explorers will be issued when humans return to the lunar surface as part of the Artemis IV mission in 2028, provided that the timeline doesn’t change again. According to Axiom and Prada’s announcement, the new LCVG will be much like old designs, inasmuch as the ensemble is outfitted with a bunch of tubes circulating chilled water across an astronaut’s body and moving hotter stuff toward the suit’s life-support system, where heat is expelled. The ventilation portion of the acronym involves a series of oxygen tubes “delivering fresh oxygen across an astronaut's face to continuously wash away exhaled carbon dioxide,” which is then removed by carbon dioxide scrubbers in the suit’s life support system. The Prada/Axiom LCVG differs from older models in its redundancy, the companies said. The suit includes “a fully redundant cooling circuit” to ensure no one has to come back to the ship sweatier and nastier than they have to be. Because NASA is envisioning extended spacewalks on the Moon, Axiom and Prada designed the AxEMU to support eight-hour spacewalks on the Lunar South Pole, which the new LCVG is also designed to support. While the companies didn’t give specifics about the materials or other elements of the LCVG, the announcement did mention Prada’s “expertise in engineered knitting and innovative design concepts,” along with advanced 3D modeling, contributed to a “high-performance” suit that includes “specialized fibers that allow the garment to be worn repeatedly across long-duration missions.” Axiom didn’t respond to our questions before publication, so we're left to wonder what those fibers will do - maybe reduce the stink inherent in a long-term lunar mission? Astro-BO doesn’t matter if you can’t make it to the Moon No one wants to be stuck in a tiny capsule with several people unable to clean themselves with much more than wet wipes and dry shampoo, but presumably stink-suppressing Prada space suit unders don’t really matter if future Artemis missions have trouble getting to space. Blue Origin’s New Glenn rocket recently exploded, leading to extensive damage at its Cape Canaveral launch complex and what could be more than a year of reconstruction to get the platform ready for its next launch. SpaceX’s Starship, one of NASA's options for getting astronauts back to the Moon, hasn't done much better of late, and is running short on time to prove it can meet the agency's lunar mission needs. And then there's Axiom and Prada's part in the whole show, which NASA's watchdog has raised concerns about as well. NASA's Inspector General said in an April report that while Axiom currently plans to have demonstration suits ready in 2027, historical testing timelines suggest the agency might not see flight-ready demonstrations until 2031. As it currently stands, Artemis IV is the mission NASA intends to land at the Moon’s south pole, and it plans to do so in 2028. That timeline has already slipped once, and given recent setbacks, could very well slip again, likely giving Axiom and Prada a bit more time to get their interplanetary fashion house in order. ®

An Illinois high school won't reopen until Wednesday at the earliest after suffering a ransomware attack on Sunday, June 7. Evanston Township High School (ETHS), located 14 miles north of Chicago, said it would be closed today and tomorrow, and that the closure also affected summer school, sports camps, and on-campus activities, which are all canceled. "Upon discovering the incident, we immediately activated our incident response procedures and engaged external cyber breach attorneys and cybersecurity forensic experts to assist with the investigation and recovery process," ETHS said in a statement issued via a dedicated information page. "We are working with these specialists to determine precisely what information may have been accessed or acquired and to restore normal systems operations as quickly as possible. The district is cooperating with the Federal Bureau of Investigation (FBI) as part of the ongoing investigation." It said that phone systems are down and staff have limited access to emails. Children and their families may also not be able to access certain online resources, all of which suggests the institution may still be in the containment phase of remediation. Among the online resources currently offline is Home Access Center, which is powered by PowerSchool. PowerSchool itself was was at the center of a cybersecurity disaster in late 2024. However, ETHS has not linked the platform to the ransomware attack. All staff other than safety and operations workers were told to work from home, although their work will be limited since, for the time being, they're locked out of the district's Google accounts and "other network systems, including eSchool." "We understand this situation is disruptive and appreciate your patience and flexibility," ETHS went on to say. "Additional updates and instructions will be provided as they become available." No major ransomware group has claimed responsibility for the intrusion at the high school yet. Education under attack The ETHS incident follows a separate attack on the education sector disclosed on June 4 that affected 13 schools in Powys, Wales. Powys Council set up its own information page about the attack, although it has not revealed much, saying it is awaiting the outcome of investigations by external specialists. However, it said the attack has affected "some school systems" and personal data belonging to both staff and pupils was accessed. The council identified 13 affected schools, although the compromised data only appears to have been taken from one of these, according to current information. Its information page repeatedly uses the phrase "because of the sensitive nature of the data." The council cites this as the reason for not revealing information such as which schools were affected, how many individuals are affected, what types of data have been accessed, and whether this included sensitive or safeguarding-related data. It also refused to say whether the attack involved ransomware or who was responsible for it. However, it said the risk of identity fraud would vary by individual, hinting that different types of personal data may have been accessed. Powys Council confirmed that all schools across the region remain open, and the cyberattack does not affect their day-to-day safety or operations. Education remains a strong target for cybercriminals. Given the sensitivity of the data these organizations store, it makes the sector one of the most attractive for financially motivated criminals looking for an extortion payment. In the UK, the Information Commissioner's Office said that between 2022 and 2024, pupils were responsible for 57 percent of 214 school data breaches, often using stolen login details. ®

Amazon is set to miss its deadline to deploy half of its Leo satellite constellation by July 30, as required by the Federal Communications Commission (FCC). The agency has, however, granted it a waiver of sorts – at the cost of priority status in spectrum licensing. The Bezos-founded behemoth got the go-ahead from the FCC for what was then known as Project Kuiper back in 2020. This was on the proviso that it had 50 percent of its planned constellation of 3,236 broadband satellites in orbit by July 30, 2026. Amazon rebranded its satellite broadband biz from Project Kuiper to Amazon Leo in November last year. However, the company filed an application on January 30 this year seeking an extension of the deployment deadline by 24 months, or alternatively a complete waiver of this milestone requirement. At the time of filing the application, Amazon Leo reported that it had launched just 180 satellites and estimated that it will have deployed approximately 700 by the July 30 deadline. On June 5, the FCC granted Amazon a limited waiver of its 50 percent deployment requirement. However, the company is still expected to meet its final deployment deadline of July 30, 2029, for the entire constellation. Under normal circumstances, if a licensee failed to meet the set interim milestone, its total number of authorized satellites would be capped at the number of satellites that were in orbit and operating on the date of the missed milestone. This will still apply if Amazon fails to have completed its deployment by the final deadline. The FCC says in its order [PDF] that it may waive any rule for good cause shown, though this only tends to happen if such a move is judged to serve the public interest. Amazon blamed delays from rocket launch providers and shortages of launch availability for causing significant backlogs and stretching out its planned deployment timelines. It also claimed that many of its planned launches were further delayed due to "a variety of factors that were outside of its control," including weather, technical problems, and prioritization of government launches. The company is understood to have given the FCC assurances of its ability to meet an extended 50 percent milestone, as well as the final milestone in 2029, providing detailed schedules of future launches along with information on its financial and operational investments in the constellation and its mitigation efforts so far. As a condition of the waiver, Amazon Leo is temporarily losing its priority status for any satellites that are not deployed and operational as of July 30, 2026, as initially authorized in the 2020 Ku/Ka-band Processing Round and in the 2021 V-band Processing Round, the FCC says, and will be reassigned to a later priority status. "Priority status" governs a company's legal right to transmit in a specific orbital slot or frequency block. This ruling means that Amazon Leo satellites deployed after July 30, 2026 will lose their priority access to the Ka/Ku spectrum until either 20 months have passed from that date (to March 30, 2028), or the date Amazon Leo manages to deploy and operate 50 percent of its constellation, whichever comes first. We also understand that Amazon will forfeit the surety bond it agreed to post as a condition of its authorization for satellite launches. The amount involved was not disclosed. The FCC notes that "a number of parties" filed comments in response to Amazon Leo's application, many of which support granting either the requested extension or waiver. However, Elon Musk's SpaceX filed comments opposing the granting of a waiver. This is hardly surprising as Amazon Leo is a direct rival for SpaceX's Starlink satellite broadband service. Back in March, Amazon also tried to get the FCC to reject a SpaceX application for permission to launch a fleet of orbital datacenter satellites. ®

NHS England is handing Microsoft Copilot to more than half a million staff after a pilot claimed the AI assistant could claw back 43 minutes a day from administrative work. On Monday, NHS England announced plans to roll out Copilot to 505,000 clinicians and support staff. Its confidence comes from a pilot involving 30,000 staff across 90 organizations, which the health service says saved users an average of 43 minutes a day on admin, working out to roughly five working weeks over the course of a year. The rollout won't happen overnight. NHS England said that each trust will receive a central allocation of licenses based on headcount, typically starting with around 2,000 Copilot seats, and that more than half a million staff are expected to have access by October 2026. The NHS has no shortage of administrative work to throw at the software. The rollout envisions Copilot helping with discharge paperwork, bed management, rota planning, meeting minutes, board papers, briefings, data analysis, and assorted HR, finance, and procurement tasks. NHS organizations will also receive access to Copilot Studio, Microsoft's toolkit for building custom AI agents. NHS England said trusts will be able to develop agents for tasks such as handling Freedom of Information requests, processing complaints, reducing helpdesk workloads, and assisting with financial analysis. A governance framework called Agent 365 will oversee the deployment of those systems. The health service is not alone in buying into Microsoft's vision of AI-powered digital workers. Lloyds Banking Group signed up for a similar vision last week, rolling out Microsoft's Frontier Suite to support what it called its "agentic future." One detail missing from today's announcement is the price tag. NHS England has not disclosed the cost of the deal, although public pricing for Microsoft 365 Copilot typically runs to tens of pounds per user per month. At list price, a deployment of this size would be worth well into nine figures annually, though large public sector customers rarely pay sticker price. The NHS has spent years trying to reduce paperwork. This time, it's handing the job to Microsoft. ®

Microsoft’s GitHub has disabled over 70 repositories after they were reportedly compromised by a worm in the latest open source supply chain attack. The code shack took down 73 repos within the space of 105 seconds after its alarms were tripped on Friday, June 5, after detecting signs of the Miasma worm infecting its projects, according to StepSecurity’s co-founder and CTO, Ashish Kurmi. Users reported issues quickly on Friday, after visits to those repos all resulted in the same message displayed, indicating that they had been disabled due to terms of service violations. According to StepSecurity’s analysis, the attack kicked off after a compromised contributor account pushed a malicious commit to Azure/durabletask. The commit dropped configuration files that triggered remote code execution on machines when a developer opened the repo in an IDE or AI coding tool, such as Claude Code, Gemini CLI, and Cursor. Several developers soon reported broken CI/CD pipelines, a support thread showed, although a moderator said at the time this was due to “an internal management issue.” "The repo that most immediately caused issues was Azure/functions-action,” Kurmi wrote, used to deploy code to Azure. With it being taken down, every workflow that referenced Azure/functions-action@v1 stopped resolving. GitHub stepped in a few hours after the repos were infected by the malicious commit. Its automated detections kicked in and disabled the repos in under two minutes, in two separate waves. However, it was the borking of the durabletask family that hinted at the bigger picture, that the attack was indeed a re-opening of the previous Miasma worm attack that hit Microsoft last month. Microsoft’s durabletask PyPi package was a previous target of the Miasma worm on May 19. Within a 35-minute window, three versions of the package were uploaded to PyPi, which planted infostealers on developers’ machines, specifically sniffing out cloud secrets and developer tool configurations on Linux systems. Crucially, the re-targeting of durabletask suggests the tokens associated with the compromised developer account used to execute the PyPi attack were not fully rotated, allowing an attacker to gain access and push commits to GitHub, Kurmi said. It was either that, or the contributor was re-compromised through the worm's own propagation loop, or a different contributor's token was used but the attacker altered the metadata to make it look like a repeated attack. Security shop Snyk described Miasma as a descendant of the Mini Shai Hulud worm. It’s the same one that ravaged open source packages over at the npm registry, including Red Hat’s, earlier this month. Cybercrime group TeamPCP claimed responsibility for developing Mini Shai Hulud, which itself is named after an earlier worm of the same name, sans “mini.” However, because TeamPCP open-sourced Mini Shai Hulud, it’s difficult to tell whether it was also behind Miasma or if someone else took the reins on the follow-up project. StepSecurity also reported that two days before the Microsoft attack, the same worm was making a nuisance of itself at npm, compromising more than 50 packages, including a Vapi.ai SDK with more than 408,000 monthly downloads. The Register asked Microsoft for comment, but it did not immediately respond. ®

The Python steering council has surprised onlookers by asking for the suspension of new development on the JIT (just in time) compiler project from the main branch of the Python code repository, pending creation and acceptance of a new PEP (Python enhancement proposal) for the project. Bug and security fixes for existing JIT code in main will continue to be accepted, but if no PEP is submitted and approved within six months, the JIT code will be removed from main. The announcement is unexpected because an improved JIT compiler is one of the key features of Python 3.15, for which features are frozen, and for which full release is expected in October. The release notes promise "8-9 percent geometric mean performance improvement" over the standard CPython interpreter on x86-64 Linux. That said, the JIT compiler is experimental and disabled by default; use requires setting PYTHON_JIT=1 as an environmental variable. The implication of the steering council statement is that the experimental JIT compiler should not have been merged into main, on the grounds that PEP 744, which relates to the JIT, is only informational and contains open questions. "We (the Steering Council) have not been as strict about following the process as a change of this complexity and reach deserves," states the post from council member Pablo Galindo Salgado. These open questions include future maintenance of the JIT, compatibility with existing CPython features and tooling, clear and measurable success metrics, and relationship to third-party JIT compilers. Key JIT contributor Mark Shannon said "stopping all development until a PEP is accepted puts us in an awkward position," because it puts pressure on the JIT team to produce a new PEP quickly, but doing so will not give the community time to discuss it. He said a new PEP was already planned for "later this year when the performance advantage would be larger." Shannon has asked for a grace period of "a month or two" to continue work. He said "a moratorium risks loss of momentum and losing the new contributors we have recently gained." Asked whether development could continue in a fork, Shannon said it was not easy due to the way optimizations are generated, leading to very large code differences that are hard to manage. The impact of the steering council’s JIT statement is that the future of the project is now in doubt, whereas before it looked likely to become part of CPython. Six months is not long for creating a PEP and having it agreed; and if in fact the JIT code is removed from the main branch the project is likely to lose momentum. Salgado said "the intent is not to call for competing proposals" but nevertheless raised the possibility of shifting towards "a JIT infrastructure that can support multiple implementation strategies," and implied the steering council would prefer an infrastructure that is not "highly coupled with a single strategy." The announcement appears to have come as a surprise to Shannon and others suggesting a lack of communication between the steering council and the JIT project team. Another steering council member, Donghee Na, said "the current experimental JIT project needs an official PEP" and "this would be a good time to review the different possible approaches." Fast-track approval of a new PEP will be hard to achieve alongside the lengthy likely discussion of different approaches. Both Galindo and steering council member Thomas Wouters said there is some flexibility around the six-month deadline. "We’re not unreasonable," said Wouters, "but we do want this to be taken seriously."®

Meta has asked a federal judge to hold Israeli spyware maker NSO Group in contempt of court after claiming it caught the surveillance vendor targeting WhatsApp users again despite a permanent injunction ordering it to stop. In a blog post on Monday, Meta said it had disrupted "NSO-linked social engineering attempts" after investigating reports from users. According to the company, the activity involved attempts to lure targets into clicking malicious links that redirected them to websites outside WhatsApp, as well as the creation of test accounts and groups on the messaging platform. "We successfully disrupted NSO-linked social engineering attempts after investigating user reports," Meta said. "They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click phishing campaigns linked to NSO." WhatsApp also published a handful of domains it linked to the campaign, including ikhwancast[.]com, ghazacast[.]com, and fr24cast[.]com, and said it was releasing indicators to help organizations identify related activity. The move marks the latest chapter in the long-running legal battle between Meta and the Israeli spyware maker. A US court found NSO liable in December 2024 for hacking WhatsApp users via its Pegasus spyware. In May 2025, a jury awarded Meta roughly $168 million in damages, but the judge later cut that to $4 million while issuing a permanent injunction barring NSO from targeting WhatsApp or its users. Meta, however, says NSO didn't get the memo. "Last year, WhatsApp made history by securing a landmark verdict and permanent injunction barring NSO Group ... from targeting WhatsApp and its users ever again," the company wrote. "Today, we're asking the court to hold them in contempt of that order." The company provided few technical details about the activity, such as when it occurred, how many users were targeted, whether any compromises were successful, or how it attributed the operation to NSO. Meta did not respond to The Register’s questions. However, the blog post adopts a hard line on the spyware industry than previous updates, repeatedly describing commercial spyware as a national security issue. "When a malicious company on the US government's Entity List continues to defy US courts, existing restrictions must remain firmly in place," WhatsApp wrote. "Easing them would undermine US national security and put American companies and billions of people worldwide who depend on secure communications at risk." If Meta's allegations are accurate, the episode suggests that a court loss is not enough to persuade a spyware vendor to leave a high-value target alone. ®

Britain's much-heralded scheme to attract top scientific talent has managed to attract a total of 18 takers, the government has admitted. The Global Talent visa program was launched last summer following announcements from the EU and France that they intended to tempt scientists unhappy with their lot in Trump's America and elsewhere. But while the EU was putting up €500 million ($575 million) in funding for foreign eggheads, the UK could only stump up a dedicated pot of £54 million ($72 million) to lure boffins to Britain. According to the Department for Science, Innovation and Technology (DSIT), UK research organizations have managed to attract ten leading international researchers in the latest wave, who are expected to drive breakthroughs in clean energy, life sciences, and other advanced technologies. This is on top of eight researchers previously announced by the agency. Nevertheless, DSIT today declared a key milestone for the scheme, with all 12 of the Global Talent Fund research organizations taking part having successfully recruited international candidates. This demonstrates strong delivery against initial program objectives, it claimed. DSIT highlighted two scientists that have left the US for Great Britain: Professor Bryony DuPont is joining the University of Strathclyde in Scotland from Oregon State University to work on the use of AI to improve energy systems and make them more resilient to the changing environment. The second is Dr Ivana Bukvin, who is joining the Medical Research Council Laboratory of Molecular Biology, Cambridge, from Stanford University. She is researching proteins to advance understanding of aging and neurodegeneration in diseases such as Huntington's. UK Research & Innovation (UKRI), which oversees the scheme, says it is expanding its Global Talent visa fast-track route to cover all of the Association for Innovation, Research and Technology Organisation members (including IBM). Doing so means it will cover about 100 R&D-intensive businesses across key high-growth sectors, including advanced manufacturing and digital technologies. "It's no coincidence that the world's top researchers, driving groundbreaking innovations in AI, life sciences, advanced manufacturing, and clean energy, are choosing to come to the UK to advance their work," stated Lord Vallance, Minister for Science, Innovation, Research and Nuclear. The government says the Global Talent Fund is also strengthening UK research capability thanks to early investment in infrastructure and lab equipment. Some organizations are already deploying funding into specialist facilities and start‑up resources to support incoming talent, it claims. ®

UK insurer Aviva is receiving tens of thousands of reports from scammers looking to profit from claims embellished using artificial intelligence (AI) tools. Aviva and its wider brand portfolio received an estimated 18,400 plus fraudulent claims in 2025, backed by doctored evidence includeding AI-generated car accident scenes, fake official documents, and fabricated images exaggerating damage. If approved, the sum of these claims would have amounted to £233 million ($310.3 million) across the year, or roughly £638,000 ($850,000) per day. The majority of claims cooked up using AI were related to motor insurance. The insurer says policyholders handed in supporting documents for claims such as inflated costs incurred for vehicle repairs and exaggerated reports of damage. Some claims were fraudulently made to appear more severe, whereas others were entirely fabricated. It marks a shift away from the older fraud model where policy-holders staged incidents such as a crash IRL in the hope of securing a payout. In total, Aviva said the value of scam claims made against motor insurance policies jumped 39 percent, with fraudsters increasingly seeking higher-value payouts. Similar trends were witnessed in liability insurance. While the number of cases remained broadly stable, the value of fraudulent claims rose 32 percent in 2025, with claimants exaggerating loss of earnings, rehab costs, and injury claims. “Professional enablers” – rogue white-collar workers, such as lawyers and medical professionals – are lending their support to the claims, says Aviva. These individuals are also playing a role in the increased value of travel insurance and medical claims for policy-holders. Aviva is countering the rise of AI-enabled fraudulent claims with… AI. It uses a concoction of its own tools and “advanced analytics,” all with human oversight, to help identify suspicious claims faster. Pete Ward, head of claims counter fraud at Aviva, said: “Fraud isn’t a victimless crime – it drives up the cost of insurance for everyone. We have a duty to ensure our customers don’t foot the bill for other people’s dishonesty, and we work tirelessly to root out fraud and stop it wherever we find it. “We’re seeing fraud become more sophisticated, from exaggerated claims to the use of AI-generated documents, and we’re continuing to invest in the tools and expertise needed to identify and stop it. “By detecting and preventing these claims, we’re helping protect honest customers from the cost of fraud.” ®

The UK government is about to unleash an AI-powered CV writer on jobseekers in the hope that the technology taking jobs can also help people to find them. Prime minister Keir Starmer used London Tech Week to announce a three-month trial of an "AI Work Assistant" that officials say will put "a job centre in your pocket," offering around-the-clock help with CV writing, applications, job searches, and career advice. The service is already live online, though the government would like users to keep a few things in mind before handing the keyboard to a large language model: check whether the employer allows AI-assisted applications, make sure the generated content is accurate, and perhaps most challenging of all, rewrite it so it still sounds like you. The government, in effect, is encouraging job seekers to use AI while reminding them not to make it obvious. The service appears to be the latest step in Whitehall's growing enthusiasm for AI-powered public services. Earlier this year, the government confirmed it was working with Anthropic on a chatbot for job seekers, and more recently it launched "GOV.UK Chat," a generative AI assistant bolted into the GOV.UK app that it is boldly pitching as the "most comprehensive government-built chat tool in the world." Whitehall's latest experiment arrives as young workers face the toughest jobs market in years. Official figures show youth unemployment has climbed to 16.2 percent, the highest level in more than a decade, while business groups have repeatedly warned that rising employment costs are making firms more cautious about hiring. "No one doubts the huge potential of tech to change lives," Starmer is expected to say. "But we have to decide who that change is for. This government's choice is clear: the tech revolution must work for everyone, not just a privileged few. We're backing British businesses to lead the way, driving growth and investment that turns into more jobs and stronger communities." He added that ministers were using technology to "bring opportunity to every corner of the country" by helping people into work, boosting skills, and tackling inequality. Alongside the AI assistant, ministers announced AI and technology training for up to 400,000 pupils in disadvantaged schools and a new AI bootcamp program for young people at risk of falling out of education, employment, or training. The announcement comes as ministers are simultaneously grappling with growing concern about AI's impact on the labor market. A recent survey found that almost one in five Britons believe widespread AI-driven layoffs could trigger civil unrest, while more than half expect the technology to reduce the number of available jobs. Those concerns are unlikely to disappear any time soon. The same technology companies building AI systems to automate workplace tasks are increasingly pitching those tools as replacements for at least some human work, particularly the administrative and entry-level roles that traditionally provide a route into employment. Whether employers are eager to receive applications drafted by the same technology they are increasingly deploying to screen candidates remains to be seen. The labor market may yet become an arms race between applicants using AI and recruiters using AI to filter out applicants using AI. Somewhere in the middle, a human being is presumably still expected to get hired. ®