Digital Colliers Daily Briefing — May 2, 2026
The defense AI stack hardened around a chosen vendor list this week, the legal foundation under OpenAI's for-profit structure took its first real stress test in open court, and Western cyber agencies began publicly preparing the software industry for a wave of AI-discovered vulnerabilities. Today's briefing covers the Pentagon's classified-network procurement spree that excluded Anthropic, the opening week of Musk v. Altman in Oakland, and the Five Eyes' coordinated warning that frontier cyber models are about to surface decades of latent code debt all at once.
1. Pentagon locks in six frontier vendors for IL6/IL7 deployment, formalizes Anthropic freeze-out
What happened. The U.S. Department of Defense announced Friday it has signed agreements with Nvidia, Microsoft, Amazon Web Services, and Reflection AI to deploy AI models and hardware on classified networks at Impact Level 6 and Impact Level 7 — the security tiers reserved for systems critical to national security. The deals follow earlier agreements with OpenAI, Google, SpaceX, and xAI, according to TechCrunch and The Verge. Anthropic was conspicuously absent. Pentagon CTO Emil Michael told CNBC's Squawk Box that Anthropic remains classified as a "supply-chain risk," despite recent reports that the NSA had accessed Anthropic's cyber-focused Mythos model. Michael characterized any federal use of Mythos as evaluation rather than operational deployment. The DOD also disclosed that more than 1.3 million personnel have used GenAI.mil, its enterprise generative AI platform for unclassified work.
Why it matters. The procurement reshapes the defense AI stack around vendors willing to accept the Pentagon's terms — terms Anthropic refused over concerns about domestic mass surveillance and autonomous weapons use. The DOD's repeated insistence on "preventing AI vendor lock-in" reads less as a market principle than as a hedge against any single provider replicating Anthropic's leverage. By contracting horizontally across the frontier, the department creates substitutability while concentrating billions in classified-network revenue among a fixed roster.
Who is affected. Nvidia, Microsoft, AWS, OpenAI, Google, xAI, and Reflection AI gain durable classified-network footholds. Anthropic loses what was previously a marquee federal customer and now carries an active "supply-chain risk" designation, even as it won a March injunction against the label. Defense systems integrators and IL6/IL7-cleared cloud operators stand to benefit from the deployment work.
What to watch next. Whether the Anthropic litigation produces discovery that exposes the contractual terms other vendors accepted; whether Mythos evaluations at NSA and Commerce convert to operational deployments despite Michael's denials; and how Reflection AI — the smallest name on the list — scales to IL7 requirements.
2. Musk takes the stand, concedes xAI distills OpenAI models
What happened. Elon Musk spent roughly three days on the witness stand in federal court in Oakland during the opening week of his suit against OpenAI, Sam Altman, and Greg Brockman. Musk is asking Judge Yvonne Gonzalez Rogers to remove Altman and Brockman and unwind the for-profit restructuring. According to MIT Technology Review's courtroom coverage, under cross-examination by OpenAI counsel William Savitt, Musk acknowledged that xAI "partly" distills OpenAI's models — a concession that drew audible reactions in the courtroom. Savitt also surfaced 2017 emails in which Musk discussed recruiting from OpenAI for Tesla and Neuralink ("The OpenAI guys are gonna want to kill me"). Musk testified he lost trust in Altman in late 2022 after learning of Microsoft's $10 billion commitment, texting Altman: "What the hell is going on? This is a bait and switch." Judge Gonzalez Rogers cut off a debate between counsel over AI safety credentials, noting from the bench that "plenty of people" might not want humanity's future in Musk's hands.
Why it matters. OpenAI is reportedly tracking toward an IPO at a valuation approaching $1 trillion, a path that depends on the for-profit subsidiary structure Musk is asking the court to dissolve. The distillation admission also has commercial consequences: OpenAI accused DeepSeek of the same practice in February, and Anthropic blocked OpenAI's access to Claude in August 2025 for similar terms-of-service violations, per Wired's reporting cited by MIT Tech Review. Musk's own admission could feed counterclaims and complicate xAI's projected June public listing alongside SpaceX at a target valuation of $1.75 trillion.
Who is affected. OpenAI's IPO timing, Microsoft's $10B-plus position, and the broader precedent for nonprofit-to-for-profit AI conversions all hinge on the verdict. xAI faces fresh legal exposure on distillation. As The Verge's Vergecast observed, "all indications are that he won't win," but the discovery record itself is now a competitive asset for rivals.
What to watch next. Brockman's testimony and that of UC Berkeley's Stuart Russell on AI safety in week two; whether OpenAI files counterclaims tied to the distillation admission; and Altman's own appearance, which will draw the central scrutiny of the trial.
3. NCSC warns of "patch tsunami" as GPT-5.5-Cyber matches Mythos in independent testing
What happened. Ollie Whitehouse, CTO of the UK's National Cyber Security Centre, published a blog post Friday warning that AI-assisted bug hunting is poised to surface a backlog of latent vulnerabilities faster than defenders can remediate them — a "forced correction" he urged organizations to prepare for by shrinking internet-facing attack surfaces and replacing end-of-life systems outright. The warning landed alongside a Five Eyes joint publication (US, UK, Australia, Canada, New Zealand) cautioning that many enterprise agentic AI deployments grant models more access than security teams can monitor, per CyberScoop. Separately, the UK AI Security Institute reported that OpenAI's newly released GPT-5.5-Cyber matched Anthropic's Mythos Preview on its cyber evaluation suite — 71.4% versus 68.6% on Expert-tier Capture the Flag tasks (within margin of error), and 3-of-10 versus 2-of-10 on the 32-step "The Last Ones" data-extraction range, according to Ars Technica. Sam Altman said GPT-5.5-Cyber will roll out within days to a restricted group of "trusted defenders" — gating that The Register noted echoes the Anthropic approach Altman publicly mocked weeks earlier.
Why it matters. Two frontier vendors now ship models capable of end-to-end multi-step exploitation, and a national cyber agency is openly telling industry the patch volume is about to spike. The asymmetry favors whoever runs the tools first — defenders if access controls hold, attackers if the weights or capabilities leak. The NCSC framing is notable for shifting the conversation from speculative AI cyber risk to operational guidance.
Who is affected. Enterprise security teams, software vendors carrying long-tail technical debt, and operators of unsupported systems most acutely. Cloud providers and managed-service firms stand to absorb emergency patching demand. Agentic-AI deployers face fresh Five Eyes scrutiny on access scoping.
What to watch next. The composition of OpenAI's "trusted defender" cohort and whether it mirrors Anthropic's roughly 50-organization Mythos circle; whether AISI's "Cooling Tower" ICS simulation — which no model has solved — falls in the next release cycle; and the first wave of CVE disclosures attributable to AI-assisted discovery.
The through-line across today's three stories is governance over capability. The Pentagon is asserting it through procurement leverage, choosing vendors who accept its terms and freezing out one that didn't. The Oakland courtroom is testing whether AI's most valuable corporate structure can survive judicial review of the mission claims it was built on. And in London and Washington, cyber agencies are conceding that frontier cyber models exist whether they like it or not — and pivoting to industrial-scale remediation as the policy response. Capability is no longer the constraint; the constraint is who gets to use it, and on what terms.