Google Commits $920M Monthly to xAI Compute as SpaceX Counts Down to IPO
The Google-SpaceX compute deal dominates Friday's news cycle — $920M per month, flowing to xAI's infrastructure, one week before SpaceX goes public.
Security
Supply chain pressure hit npm from two directions on the same day. IronWorm and a new Miasma worm variant together poisoned more than 50 legitimate packages to deliver a Rust-based infostealer and a self-replicating worm. Separately, popular React data-grid library mantine-datatable was compromised after its maintainer's GitHub account was suspended — a classic single-maintainer risk. Both incidents reinforce what the npm ecosystem has demonstrated repeatedly: the package registry is an attractive target, and widely used libraries with solo maintainers are a high-leverage attack surface. Audit your lockfiles.
Chinese espionage group UNC5221 is evolving. The group — previously linked to the Brickstorm backdoor targeting Microsoft 365 — is now using two newly documented malware families, Plenet and AgentPSD, to maintain persistent access to compromised environments. The deployment of new custom implants alongside a known backdoor suggests deliberate diversification: detection of one tool doesn't end their access. Microsoft 365 environments with unusual authentication events or unexpected service principal activity warrant closer inspection.
The Polyfill supply chain compromise has a new chapter: suspicious credential-harvesting login prompts surfaced on Toshiba and Muji websites. The pattern is consistent with injected scripts from the compromised CDN that made headlines in 2024 and apparently hasn't been fully cleaned up across every site that ever included it. Both companies warned visitors but neither has explained how the prompts got there.
Also in the category of things vendors don't want to call vulnerabilities: the Sound Blaster Katana V2X speaker can be compromised over the air and then used to infect any PC it's physically connected to via USB — no user interaction required. Creative says it's not a vulnerability. A USB peripheral that is externally reachable and can pivot to attack connected hosts is a fairly standard definition of one.
Rounding out the day: a former cybersecurity executive filed a whistleblower suit accusing IBM of covering up multiple data breaches that hit IBM and two subsidiaries in the mid-2010s. IBM denies the allegations. Breach notification obligations are exactly the compliance exposure that whistleblower suits are designed to surface; this one will be worth watching as it progresses through the courts.
AI
Google will pay SpaceX $920 million per month for compute capacity at xAI's data centers — roughly $11 billion annually, flowing from Google's infrastructure budget directly into Elon Musk's AI venture. The deal was announced one week before SpaceX's IPO. The arrangement is structurally unusual: Google is paying a competitor-adjacent entity for accelerator access while its own TPU buildout continues. The cleanest explanation is a genuine crunch — at frontier scale, there simply isn't enough capacity to meet demand, and Google is willing to pay any counterparty that has it. Whatever the strategic calculus, $920M per month from a single customer will show up prominently in xAI's financials as Musk's companies prepare for public scrutiny.
On the research side, Sakana AI published details of its Recursive Self-Improvement Lab — an experimental framework aimed at systems that iteratively improve their own capabilities. The framing is careful and the work is genuinely early, but RSI sits at the center of long-standing AI safety debates, and credible lab-scale experiments on it are worth tracking as the field matures.
Google also released Gemma 4 QAT models optimized via quantization-aware training for on-device use on mobile and laptop hardware — useful for teams deploying inference at the edge without cloud dependency.
Tech
The Google/SpaceX compute deal's announcement one week before the SpaceX IPO is either excellent timing or deliberate anchor-setting for the offering. The S&P 500 declined to waive its profitability rule to fast-track SpaceX's inclusion, meaning passive index fund capital won't automatically flow in immediately after listing.
A more quietly significant milestone: US startup Antares brought a small modular reactor to criticality in the first US test of its kind. It isn't generating electricity yet, but achieving a self-sustaining chain reaction is the foundational physics gate for everything that follows. SMR timelines have slipped so many times that hard milestones matter.
Section 702 — the warrantless foreign surveillance authority — expires June 12th, six days out. Another Senate vote failed and Congress has no visible path to reauthorization. Expiration would technically curtail collection, though the intelligence community has historically used emergency provisions to bridge gaps; what happens this time is genuinely uncertain.
At Summer Game Fest, Final Fantasy VII Revelation was officially announced as the third and final entry in Square Enix's remake trilogy, launching simultaneously across all platforms. The event's larger story, though, was GTA VI's gravitational pull on release date decisions: studios announced dates while visibly routing around a game Rockstar didn't even show up to promote.
GitHub accidentally deleted Slack and Teams notification subscriptions across the platform. Low severity in isolation, but if your team's integration has gone quiet, now you know why.
That's the shape of June 6th: supply chains hit on multiple fronts, a Chinese APT expanding its toolkit inside M365, and a $920M-per-month compute deal that rewires the AI infrastructure map the week a public price finally gets put on SpaceX.
Also yesterday
- PCPJack Turns 230 Cloud Servers Into a Covert SMTP Relay Network
- Cisco Catalyst SD-WAN Zero-Day Actively Exploited — No Patch Yet
- Actively Exploited: CVE-2026-3300 Gives Attackers Full Control of WordPress Sites Running Everest Forms Pro
- IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
- Mantine-datatable (and others) compromised – owner account suspended
- Chinese APT deploys new malware to keep access to hacked networks
- Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
- How a USB-connected speaker can infect a PC without ever being touched
- Former cyber executive turned whistleblower accuses IBM of covering up several data breaches
- Google to pay SpaceX $920M a month for compute capacity at xAI data centers
- Sakana AI's Recursive Self-Improvement (RSI) Lab
- Gemma 4 QAT models: Optimizing compression for mobile and laptop efficiency
- Google will pay SpaceX $920M per month for compute
- S&P 500 blocks fast SpaceX entry, won’t waive rule for unprofitable AI firms
- Small modular nuclear reactor reaches criticality in first test
- Congress still can’t decide what to do about warrantless surveillance
- Final Fantasy VII’s remake trilogy will conclude with Revelation
- Grand Theft Auto VI is warping the video game release calendar
- GitHub Accidentally Deletes Slack and Teams Subscriptions
Synthesized by Claude · sanity-checked before publish.