Anthropic released Mythos to the public, collapsing the wall between cleared-contractor frontier AI and developer-grade frontier AI in a single press release. DeepMind's Demis Hassabis moved his AGI timeline from "five to ten years" to "a real possibility by 2029" and tied it explicitly to AlphaProof Nexus solving nine open Erdős problems for the cost of a steak dinner. Critical zero-days hit Starlette (a million AI agents on the wire) and CrowdStrike led a coordinated takedown of the Glassworm developer botnet across four C2 channels. BNP Paribas formalized a sovereign-AI security partnership with Mistral while Beijing froze overseas travel for top AI engineers at Alibaba and DeepSeek. And the AI-displaces-workforce arithmetic got honest: Uber burned its full-year AI token budget by April, ClickUp restructured to 1,000 humans alongside 3,000 internal agents, and Sam Altman publicly reversed his white-collar-apocalypse prediction.

Quick Hits

The Lab Gladiator Era

  • Anthropic releases Mythos to the public, the Pentagon and NSA-grade model anyone can now use. Previously cleared-contractor only, Mythos resets what the publicly-accessible frontier looks like. The capability gap between sovereign-grade and developer-grade AI just collapsed. The Register

    • Mythos has been deployed inside NSA and Pentagon supply-chain operations; public release puts those capabilities behind a standard API key
    • Forces OpenAI and xAI to either match or accept being below the public frontier
    • First time capabilities embedded in active national-security workloads cross openly into developer access
  • Demis Hassabis moves AGI timeline to 2029, calls it "a real possibility." DeepMind's CEO compressed his AGI window from a five-to-ten-year range into a single named date, and tied it explicitly to AlphaProof's recent capability jumps. Axios

    • Hassabis cited AlphaProof Nexus as the data point: solving 9 open Erdős problems and 44 OEIS conjectures for a few hundred dollars in compute
    • DeepMind's last public timeline (Stratechery interview, March 2026) had AGI at 2030 to 2035; 2029 pulls that in sharply
    • Cambridge maths professors are mid-review on whether AlphaProof's machine-checked proofs hold up under inspection

AI Supply Chain Under Siege

  • CVE-2026-48710 "BadHost": critical Starlette auth-bypass exposes millions of AI agents, FastAPI, vLLM, and LiteLLM. A single Host-header injection routes around middleware. X41 D-Sec found it during an OSTIF-funded vLLM audit. Patch shipped May 21, public disclosure May 22, one day of lead time. Ars Technica

    • Starlette has 400,000+ GitHub dependents including vLLM, LiteLLM, Ray Serve, and BentoML, covering most of the production LLM serving stack
    • MCP's mandated unauthenticated OAuth discovery endpoints give attackers a reliable first step into any affected deployment
    • X41 shipped Semgrep and CodeQL detection rules with the advisory; automated exploitation tooling is already in the wild
  • CrowdStrike, Google, and Shadowserver simultaneously cut Glassworm's four C2 channels. A coordinated takedown of a botnet aimed specifically at developer machines across JavaScript, Rust, and Zig variants on npm, PyPI, and GitHub. 300+ repos compromised since 2025. TechCrunch

    • All four C2 channels (Solana blockchain, BitTorrent DHT, Google Calendar event titles, traditional servers) had to drop simultaneously to prevent failover
    • Industry-led enforcement: CrowdStrike declined to specify the legal authority for the infrastructure takedown
    • Beaconing machines from before the takedown remain identifiable via connections to 164.92.88[.]210

DeepSeek's Quiet Takeover

  • BNP Paribas formalizes a sovereign-AI security partnership with Mistral, embedding Mistral engineers inside BNP teams. A direct response to the structural access gap: JPMorgan had first-wave Mythos access while eurozone banks had none. The ECB simultaneously told eurozone banks to invest more in AI security. Bloomberg

    • BNP holds dual standing as both investor and major customer of Mistral, giving it design leverage US bank-Anthropic relationships don't have
    • Mistral engineers are embedded across BNP retail, investment banking, and compliance, indicating infrastructure buildout rather than a standard API agreement
    • BNP CIO Marc Camus named speed as the decisive factor: Mythos-class capability forces remediation pace that breaks existing security workflows
  • China restricts overseas travel for top AI engineers at Alibaba and DeepSeek. Beijing extended the talent-control regime previously applied to state-owned defense into private AI labs. Bloomberg

    • Affected employees must surrender passports and request approval for foreign trips
    • In the same week, the NDRC directed domestic AI companies to pair LLMs with homegrown chips: talent control and chip self-sufficiency are arriving together
    • Parallel signal to BNP+Mistral: both blocs are building defensive sovereign-AI moats simultaneously

The AI Capex Tax

  • Uber burned its entire 2026 AI budget in four months. Per-dev API token spend jumped from $500 to $2,000 a month. 70% of committed code is AI-generated, ROI invisible. Uber's CTO Praveen Neppalli Naga confirmed Claude Code drained the full-year budget; the COO told Fortune he can't justify the spend to the board. Wired (Steven Levy) · Fortune

    • 95% of Uber engineers are using AI tools monthly; the budget overrun is not a partial-adoption problem
    • Duolingo CEO Luis von Ahn killed the company's AI-use-in-performance-reviews mandate the same week, naming cost pressure
    • Sam Altman in Sydney reversed his white-collar AI job apocalypse prediction, citing labor-market data that doesn't match his prior forecasts
    • The new competitive question isn't "are you using AI?" It's "can you measure what it returned?"
  • ClickUp restructures to a 3:1 AI-to-human ratio in a single press release: 22% layoff alongside 3,000 internal AI agents and 1,000 remaining humans. First public CEO communication where the agent count and the layoff count appear in the same announcement. TechCrunch

    • ClickUp also introduced $1M salary bands for the remaining humans, betting on a barbell of fewer, higher-paid operators plus thousands of agents
    • Wix announced 1,000 layoffs (20% of global headcount) the same week with a similar AI-restructuring framing
    • MIT Technology Review counters that AI-exposed roles actually have LOWER unemployment than the rest of tech, and the layoff wave correlates more with end-of-ZIRP than with AI displacement

The Capex Bill Came Due Before the Layoff Story Held Up

This week made the capex-vs-jobs math impossible to keep abstract. Steven Levy's Wired feature put numbers on it: per-developer API token spend at Uber jumped from $500 to $2,000 a month, the company burned its full-year 2026 AI budget by April, 95% of engineers are using AI tools monthly, 70% of committed code is AI-generated, and the COO can't justify the spend to the board. Duolingo CEO Luis von Ahn killed the company's mandate that employees use AI as part of performance reviews, naming cost pressure. The same week, ClickUp announced a 22% layoff alongside 3,000 internal AI agents in the same press release, naming a 3:1 ratio. Wix announced 1,000 layoffs at 20% of headcount, citing AI restructuring. WiseTech's CEO received handwritten threats at his home address after announcing 2,000 AI-driven cuts.

Then MIT Technology Review published a counter-narrative the same week: unemployment in AI-exposed roles is actually lower than across the rest of tech, and the layoff wave correlates more strongly with the end of zero-interest-rate hiring than with AI displacement. Sam Altman, who spent a year saying white-collar work would disappear, told a Sydney audience he was "delighted to be wrong."

The pattern: AI capex is real and measurable. AI-attributed layoffs are real but the attribution may be cover. AI ROI is the new measurement nobody has settled rules for. The next competitive question is no longer "are you using AI?" Every company is. It's "can you measure what it returned?"

Key Takeaways

  • Anthropic's Mythos release puts Pentagon-grade frontier AI behind a developer API for the first time, forcing the rest of the field to either match or accept being below the public frontier
  • Critical infrastructure bugs (Starlette, LiteSpeed, Ghost CMS) are landing with one day or less of lead time before public exploit. The AI-accelerated bug-discovery cycle is the new security model
  • Sovereign AI defense is bifurcating in parallel: BNP+Mistral in Europe and China's NDRC+talent-control regime in Asia are both building moats around frontier capability at the same time
  • The "AI is causing the layoffs" narrative cracked publicly this week. Altman's reversal, MIT Tech Review's labor data, and Uber's admission that 84% Claude Code adoption hasn't produced measurable ROI all landed inside five days

Until Friday,
Alexis