Newsletters
As U.S. and Israeli jets crossed into Iranian airspace on the last day of February, another kind of crossing was happening in Washington.
Hours before the first strikes, OpenAI's Sam Altman rushed to ink a deal with the Pentagon—one conspicuously unburdened by the safety conditions his rival Anthropic had refused to abandon.
For months, the Trump administration had swung a silicon sword of Damocles over Anthropic's head—branding it a "radical left," "woke company," and threatening to cut it out of the defense ecosystem entirely.
What nobody in the room had fully accounted for was that the sword had two edges: the company Washington was busy trying to threaten had just helped identify over a thousand targets in the opening 24 hours of the Iran campaign.
Hence appeared the story of how a corporate contract dispute became a stress test of democracy, the relationship between tech and the state, and national security.
On Jan. 9, 2026, Defense Secretary Pete Hegseth published a memo declaring that the Department of Defense would henceforth contract only with AI companies willing to offer their models for "any lawful use" without "usage policy constraints."
The memo was, in diplomatic terms, an ultimatum. In less diplomatic terms, it was a shakedown.
Anthropic, whose Claude model had become deeply embedded in classified DoD environments—integrated into Palantir software, woven through intelligence workflows and allegedly deployed during the raid on Venezuelan President Nicolás Maduro—refused to comply.
CEO Dario Amodei drew two red lines: Claude would not be used for mass domestic surveillance and would not be used to deploy lethal autonomous weapons systems without meaningful human oversight. These were, he said, cases where AI could "undermine, rather than defend, democratic values."
On February 24, Hegseth gave Amodei three days to capitulate.
When Anthropic declined, Hegseth did something with no modern precedent: he designated an American company a "supply chain risk," which is a classification usually reserved for Chinese firms like Huawei and ZTE, implying that the company "may sabotage, maliciously introduce unwanted functions, or otherwise subvert a national security system."
A $200 million contract was taken away from the company. 1789 Capital, a venture fund associated with Donald Trump Jr., abandoned an investment worth hundreds of millions. The designation, effective immediately, required every DoD partner and military contractor to sever ties with Anthropic within 180 days.
In March, Anthropic sued. The court granted a preliminary injunction, writing that the Pentagon's own records showed the designation was imposed because of Anthropic's "hostile manner through the "press"—textbook First Amendment retaliation, she concluded.
A federal appellate court from DC later denied Anthropic's motion to fully lift the label, reasoning that doing so would "force the United States military to prolong its dealings with an unwanted vendor of critical AI services in the middle of a significant ongoing military conflict."
Senator Elizabeth Warren put it to Hegseth directly in a March 23 letter: the administration had threatened to invoke the Defense Production Act, which would mean Anthropic's services were essential to national security, while simultaneously designating the company a threat to national security. Trump had made his actual reasoning plain on Truth Social: they were "leftist lunatics."
The incoherence, Warren wrote, "suggests that the Department's actions are motivated more by politics rather than national security."
Then Mythos arrived.
On March 26, leaked draft blog posts revealed the existence of a model Anthropic had quietly developed and not released publicly.
By April 7, Anthropic had formally disclosed Claude Mythos—a large language model designed specifically to identify software vulnerabilities—and launched Project Glasswing, a controlled consortium of over 40 organizations, including Microsoft, Apple, Google, Amazon, and Nvidia, tasked with using Mythos to find and patch the vulnerabilities it identifies.
Using the new product, Anthropic stated that Mythos had identified vulnerabilities in every major operating system and every major web browser during its testing phase.
Mozilla patched 271 security vulnerabilities in Firefox within two weeks of limited release.
Employees at Calif.io used Mythos to create a memory corruption exploit targeting Apple's M5 chip.
The speed was the thing. Where human researchers might require two months to surface a hundred serious vulnerabilities, Mythos did so in days.
The model was not inventing new categories of software flaws; it was finding and combining pre-existing ones at a velocity that made the traditional 90-day responsible disclosure window feel like a relic from a different technological era.
Thomas Fraise, writing in The Conversation, argued that Mythos could destabilize nuclear deterrence. Brett J. Goldstein, in The New York Times, warned that it put individuals and smaller organizations at a structural cybersecurity disadvantage.
The European Central Bank's Christine Lagarde praised Anthropic for restricting access. The Bank of Canada summoned major lenders to an emergency meeting.
Japan's Financial Services Agency formed a working group. The Bank of England scheduled it for its Cross-Market Operational Resilience Group discussions.
A representative from a Chinese think tank approached Anthropic staff at a meeting in Singapore, requesting access. Anthropic declined. In April, the Chinese government made a formal request. The answer was no.
Here is where the story gets genuinely strange. The Pentagon had blacklisted Anthropic. The NSA, which sits inside the Department of Defense, was allegedly using Mythos anyway.
According to a Financial Times report citing people familiar with the arrangement, the NSA deployed Claude Mythos for offensive cyber operations, with roughly half a dozen Anthropic engineers embedded inside the agency to assist with customization and use.
Emil Michael, the undersecretary of defense for research and engineering, had told reporters that Anthropic needed to "cross the Rubicon" and allow the Pentagon to dictate the terms of how its technology is deployed. The NSA apparently decided it didn't need Anthropic to cross anything.
Mythos did what years of safety advocacy had not: it forced a regulatory pivot from an administration that had spent its first year proudly dismantling Biden-era AI oversight.
The Trump executive order now requiring AI companies to submit frontier models to Washington for a 30-day review before release is not a small decision.
It represents the administration conceding that the sheer offensive and destabilizing potential of models like Mythos had outpaced its preferred posture of "remove all barriers to American AI dominance."
The new mandate engages at least ten federal entities in the review process—including, critically, the Department of War and the Treasury Department, which will coordinate a new AI cybersecurity information-sharing center alongside private sector partners and critical infrastructure operators.
The concern is less the 30-day window itself than what happens inside it. Hegseth's department will have 30 days of privileged access to frontier AI models before they reach the market.
Given his department's demonstrated willingness to use regulatory and legal instruments as political cudgels—his own memos explicitly framing the desire for mass surveillance capability as a legitimate operational requirement—the prospect of "cyber-defense review" becoming a vector for competitive pressure against non-compliant AI developers is not theoretical.
The OpenAI deal signed in the hours before the Iran strikes nominally prohibits "deliberate" or "intentional" domestic surveillance—language with loopholes large enough to accommodate the bulk commercial data collection the DoD had demanded from Anthropic as a precondition for continued partnership.
In other words, MAGA—which has accused Europe of slowing down its development by imposing regulations—is now endorsing the suppression of technology for ideological reasons until they have to comply.
Set as preferred source
Set as preferred source
1 min read
1 min read
