The global AI boom has exposed how unprepared we really are for such rapid data center expansion, and we’ve already reached the point where construction is struggling to keep pace with the continued rate of innovation.

Nowhere is this more evident than across the US, where hyperscalers and cloud providers are racing to build out new data center campuses capable of supporting the next wave of agentic AI workloads. This is, of course, as companies continue to push the boundaries with next-gen frontier models, with both electrical supply and cooling infrastructure in hot demand.

Go from 4K resolution for Crimson Desert to 680Hz for Counter-Strike 2.

Rust is the kind of survival game where choosing the right server matters almost as much as choosing the right weapon. This also reflects on the platform of your choice. If you’re you’re friends are spread across PC, PlayStation, and Xbox, you’ll want to know exactly who can play together before anyone starts building a base.

The answer to the question is simple in one way and annoying in another. Rust supports crossplay between PlayStation and Xbox players, but PC players cannot play with console players. So yes, there is cross-platform support, but only inside the console version of the game.

And because Rust on PC and Rust Console Edition are not treated as one shared version across every platform. They are separate enough in updates, content, performance, and server structure that you can’t just jump from PC into a console lobby.

Can you play Rust cross-platform?

Rust is cross-platform on consoles, but not between consoles and PC. Rust Console Edition players on PlayStation or Xbox can play with other console players. This includes both the PlayStation and Xbox ecosystems, though the console version has been changing as Double Eleven moves toward native PS5 and Xbox Series X/Series S support.

On the other hand, PC players are kept separate. Rust players on PC are playing exclusively in the PC pool, and not with PlayStation or Xbox users. So a player on Steam cannot join his friend playing Rust Console Edition on PS5 or Xbox Series X/S.

Does Rust have cross-progression?

No, don’t expect your progress to follow you across platform families. Double Eleven has said cross-platform progress transfer is not an option in Rust Console Edition. So you should treat your paltform choice seriously. This is even more important to note before you start purchasing skins and are focusing on progressing in one ecosystem.

What about modded and community servers?

This is another reason PC remains the best version if you have the choice. PC Rust has a stronger server ecosystem, including modded servers and more custom ways to play. This is exactly what made Rust so popular, and why fans gravitated towards PC. Console players are not completely stuck with official servers, with support for community servers. These let you tinker with the rules, settings, moderation, and other aspects. But it’s still behind the modded servers on PC.

Security

And then Microsoft busted them all

A single npm user on Thursday published 14 malicious packages within a four-hour window, all mimicking popular OpenSearch, Elasticsearch, DevOps, and environment-configuration libraries, according to Microsoft.

It’s the latest in a seemingly never-ending string of supply chain attacks targeting developer tools, and stealing cloud credentials and CI/CD pipeline secrets in its wake.

Using a newly created maintainer alias, vpmdhaj (a39155771@gmail[.]com), the threat actor published 14 packages impersonating legitimate libraries from the @opensearch and @elastic ecosystems and targeting Amazon Web Services, HashiCorp Vault, GitHub Actions, and the npm registry itself. This suggests that the attacker “likely chose a developer audience to have AWS and Elastic cloud credentials in their environments,” Microsoft warned in a Thursday blog. 

All of the malicious packages include the same install-time stager and the same Bun-compiled, second-stage payload: a 195 KB credential harvester purpose-built for cloud and CI/CD environments.

Plus, as we’ve seen with all of the other open source supply chain attacks of late, after stealing tokens and other secrets, the attacker can move laterally across cloud environments, steal additional sensitive data, and push even more poisoned updates to packages owned by hijacked maintainer identities, thus expanding the attack beyond the initial 14.

All of the malicious libraries have since been removed, and Microsoft published a list of all 14 in its blog. Give that a read to help identify systems that installed or built affected package versions on or after May 28. Be sure to also rotate an AWS IAM/STS, HashiCorp Vault, npm publish, and GitHub Actions tokens that may have been exposed.

To trick users into installing these developer tools and search engines, the attacker used typosquatting – naming a package one or two letters off from the legitimate one – or lookalike naming (such as opensearch-setup-tool, opensearch-config-utility, and elastic-opensearch-helper) to impersonate well-known libraries. 

In addition to this social engineering technique, used to drive installs through users’ typing mistakes or trust, the attacker also used two other techniques to make the supply chain attack more believable.

This includes spoofing upstream metadata. “Every unscoped package sets its package.json homepage, repository, and bugs fields to the legitimate github.com/opensearch-project/opensearch-js project,” Microsoft’s threat hunters explained.

And finally, they inflated version numbers, so the phony “releases” jump straight to 1.0.7265, 1.0.9108, or 2.1.9201 to indicate a mature release history.

After tricking users into installing the npm packages – all 14 are listed in the blog, so give that a read – the credential-stealing payloads automatically execute through preinstall hooks as soon as the victim runs npm install.

For this, the attacker used one of two stagers. The Gen-1 stager uses install, preinstall, and postinstall hooks that all invoke preinstall.js, and then collects a ton of host information including hostname, platform, arch, Node version, USER/USERNAME, cwd, INIT_CWD, npm_package_name, npm_package_version. It then base64-encodes the JSON, and POSTs it to the actor’s command-and-control server, which then serves a second-stage payload, written to payload.bin in the package install directory. 

“The package’s index.js re-launches the same payload.bin on every subsequent require() of the module – a quiet persistence mechanism that survives across CI build stages and developer rebuild loops,” according to Microsoft.

The later Gen-2 stager replaces the install-time C2 roundtrip with a stealthier loader that checks whether bun is already present on the host. If not, it downloads the legitimate Bun runtime v1.3.13, and then executes the second-stage payload, which sets to work stealing credentials across  AWS, HashiCorp Vault, npm, GitHub Actions, and other CI/CD environments.®

Meta is developing an AI-powered pendant that it plans to start testing in the next year, according to a memo viewed by The Information.

This device would presumably build on the work of Limitless, an AI device startup that Meta acquired at the end of 2025. The startup made an AI pendant that users could attach to their shirt or wear as a necklace to record their conversations.  At the time, Meta said the acquisition would allow it to “accelerate our work to build AI-enabled wearables.”

Earlier AI wearables have failed to catch on with consumers — perhaps due to privacy concerns and tone-deaf marketing, or perhaps because they just weren’t that useful. But companies like OpenAI aren’t giving up.

The memo also reportedly states that the company is planning to expand its lineup of AI glasses and launch a business subscription called Wearables for Work. With all these planned devices, Meta is apparently hoping to reverse the fortunes of its hardware-focused Reality Labs division, which lost $4 billion in the first quarter of this year.

TechCrunch has reached out to Meta for comment.

A new pair of Beats headphones are on the way, as a new unnamed model surfaces in a series of Instagram posts by football star Lamine Yamal.

On May 23, some mystery headphones appeared in an FCC filing, indicating a new pair was coming out of Cupertino. One week later, an Instagram post has shown that it’s from Beats.

The shots on the official account for Lamine Yamal showed the sporting celebrity wearing and carrying around some bright pink headphones. In the four photographs and one video, the headphones are either around his neck or hanging off a bag to his side.

Three of the shots give a clear look at the headphones, complete with the side “b” logo synonymous with Beats headphones.

Though the post doesn’t mention the headphones directly, nor offer any real information about them, we can tell from the images that they have an over-ear earcup design. This closely matches the simple drawing shown in the FCC filing.

While there are no real rumors about Beats headphones, the most probable match would be an update to the Beats Studio Pro, originally released in July 2023. While there are no other details for the headphones as of yet, the appearance with a celebrity indicates that a launch could happen within weeks.

Celebrity tease

Lamine Yamal is a prominent football player who plays for La Liga club Barcelona, as well as the Spain national team. In the clips, he is shown traveling to a training camp ahead of the World Cup.

Close-up of the mystery Beats headphones – Image Credit: Lamine Yamal

Advertisement

At the time of publication, Yamal has 43 million followers on Instagram. After an hour, his Beats-containing post achieved more than 1 million likes and 5.1 thousand comments.

The use of a celebrity on Instagram as the initial tease for a product launch is a typical promotion strategy for the Apple subsidiary. Regularly, Beats uses sports stars to promote earbuds, headphones, and speakers long before their launch.

Offbeat

5, 4, 3, 2, 1… pfft

BORK!BORK!BORK! The National Space Centre in England took things a little too far with its simulation of a rocket launch, unless it was seeking to recreate NASA’s leaking Space Launch System (SLS) via a plastic bottle and some water.

The Leicester-based museum features exhibits aplenty, including some rockets to gawp at, an intriguing parafoil-equipped Gemini capsule, a planetarium, and lots of interactive stations to educate and inform visitors about the space age.

Some of those interactive exhibits can, however, be a little too realistic for comfort, such as a bottle rocket intended to illustrate the Space Race between the United States and the Soviet Union.

It’s a simple enough concept. Select a rocket type, learn some stuff about it, watch as a water bottle is pressurized, listen to the countdown, and then liftoff! It’s an activity that kids – and adults – might have attempted in a garden or park.

Things didn’t go as planned at the National Space Centre, and was reminiscent of the repeated leaks NASA’s SLS suffered during launch preparations. Where the exhibit’s Soviet Union’s bottle blasted off as expected, the American one did not. It spewed water from the base in an unintended recreation of NASA’s initial attempts to fuel the SLS, before giving a pathetic twitch when the countdown reached zero.

Still, it could have been worse. Had the museum decided to recreate the failure of the Soviet Union’s N1 Moon rocket, or Blue Origin’s explosive test of its New Glenn this week, onlookers might have needed a change of clothes after a sudden, and very watery, boom.

The interactive display might not be quite what the museum intended, but it indicates that even in the high-tech world of the space age, the curse of bork is never far away.

Unless, of course, the plan was always to remind users of SLS leakage, if not the explosive excesses of today’s commercial providers.

The National Space Centre told us:

“We currently have one water rocket out, the USA rocket. There are these bands that are needed to keep the bottle in place within its frame, the bands for that rocket snapped a few times recently so we have run out of spares and are waiting on parts be delivered for it to be back in action, but the soviet rocket is completely fine and has been all week.” ®

This is, without a doubt, more work than setting up Wispr Flow. When you’re done, though, you have a working application with no monthly subscription. I recommend trying it out.

A Few Other Free Alternatives

Like I said before: AI transcription and LLMs are both widely available technologies. It should be no surprise, then, that there are many Wispr Flow alternatives out there right now.

For Mac users, the completely free and open source MacParakeet is a great option. It’s open source and completely free to download and use without an account. There’s also no upselling in the application. Transcribing is handled using local models, either Parakeet or Whisper, and a variety of LLMs—both local and online—are supported for the formatting step. That’s the closest completely free app to Wispr Flow I’ve found.

VoiceInk, another Mac-only option, is open source and free to use if you download the code from GitHub and compile it yourself. The app otherwise costs $25, one time, after which you can use all features without any ongoing payments. Note that the formatting step for this requires an API key from a service such as Gemini, Anthropic, OpenAI, or Claude.

Windows and Linux users should look into FOSS Voquill, which is completely free, open source software (hence the FOSS), and works offline. It doesn’t offer a formatting step, which is disappointing, but I’m including it because it’s the best free Windows and Linux option I’ve found without any annoying upselling.

Windows users and Mac users who don’t like the above options for any reason have one more choice: OpenWhispr. This open source tool doesn’t require an account (but you’ll have to find a tiny “Continue without an account” button). The application offers a subscription, but you can opt to set up local models and external API keys instead to avoid paying.

Do You Really Need to Type With Your Voice?

Wispr Flow has its upsides. It’s easy to configure, for one thing, and has a consistent user interface. I can understand why someone might opt to pay for a subscription. But if money is tight right now, there are free options available.

I had fun exploring this growing field, but I’m going to stick to my keyboard. Wispr Flow, and apps like it, promise to let you write at the speed of thought, but I type faster than I think. If I can be philosophical for a second, writing is how I think. Typing a sentence, looking at it, and refining it isn’t an annoying part of the writing process—it is the writing process. And I often don’t know what my opinion on something is until I take the time to refine my thoughts. I can’t help but feel a lot of that would be lost if, instead of typing, I just talked to my computer.

But every brain is different, and these tools may work well for you. Which is why I’m glad there are so many options out there.