U.S. Cyber Command intends to test and deploy the strongest possible AI models, regardless of politics and even country of origin, the command's chief AI officer told me.

Why it matters: Anthropic's models are pushing the frontier, but the company's fight with the Pentagon has complicated the rollout of its latest models within government.

• But Cyber Command is largely sidestepping that debate — building infrastructure designed to swap between models regardless of vendor or origin.
• "To survive anywhere, just in case our operators want an open-source made-in-China model or something very boutique, we have to create the infrastructure and that ability to be agile — no politics," Brig. Gen. Reid Novotny, chief AI officer at Cyber Command, told Axios.
• "Our operators are very well set for what they need right now."

State of play: The White House is still negotiating access to Anthropic's Mythos Preview, which the company has held back due to its hacking capabilities. Now, only a patchwork of agencies — including the National Security Agency and the Department of Commerce's AI testing institute, but not CISA — have access to the model.

• Meanwhile, OpenAI is capitalizing on the confusion and quickly engaging with federal, state and international government offices to deploy its competing product, GPT-5.4-Cyber.

What they're saying: "I'm zero percent concerned about politics," Novotny told Axios at the SANS AI Cybersecurity Summit in Arlington.

• "There are so many things we can do in the space right now: adopting newer technologies, going after companies that are model agnostic," he said.

Driving the news: 2026 marks the first year Cyber Command has dedicated funding for AI programs, after years of lead time inside the Pentagon and Congress.

• The command is using that funding to pilot commercial AI capabilities while building underlying infrastructure that allows operators to switch between models as technology evolves.
• Novotny said that flexibility extends even to models developed outside the U.S.

The big picture: Novotny — the first AI officer at Cyber Command — is tasked with integrating AI into both offensive and defensive cyber operations.

• That includes using models to accelerate operations and process large volumes of intelligence data, but also embracing a level of risk inherent in military missions.
• "The true point of our military, at some scope and scale, is to be less secure and a little bit more dangerous," he said during a panel.

Zoom in: A major concern externally is whether AI systems could misidentify or improperly target civilian infrastructure. But Novotny said those risks are governed by existing military rules, not new AI-specific policies.

• "If we train a model to go hack an entire country, we know going in about hospitals, schools and so on," he said.
• "We know what we need to do and not do, and then we prove it out, making sure the model is doing what we say," Novotny said. "I don't want to say we're not worried about it, but we know how to apply our morals and our laws when we adopt a new technology."

Reality check: Cyber Command is testing varying levels of human oversight, but fully autonomous deployment is off the table.

• "We would never unleash a human-out-of-the-loop tool and then be like, 'Oops, we just turned something on,'" Novotny said.

Between the lines: Former military leaders and industry operators say the bigger challenge is how quickly the command can put AI models to use.

• Lt. Gen. Lori Reynolds, former head of the Marine Corps Forces Cyberspace Command, said last week during Vanderbilt University's Asness Summit on Modern Conflict and Emerging Threats that AI is likely to strain the military's "persistent engagement" model, which was built around a small number of sophisticated adversaries.
• "It's insufficient by itself," Reynolds said. "We have to learn to fight hurt, we have to learn to trust our data, but we should be doing everything we can to constantly be sparring as far away from our territory as we can."

What to watch: AI's role in cyber warfare is expanding as vendors race to secure Pentagon contracts and adversaries like China integrate AI into their operations.

• Google has signed a deal with the Pentagon to use Gemini in classified government operations, according to The Information. Anthropic was first into the classified space, followed by OpenAI earlier this year.

Get ready for short-term pain in cyberspace, several top leaders and former officials warned onstage at Vanderbilt University's Asness Summit on Modern Conflict and Emerging Threats last week.

Why it matters: AI companies are promising major gains for cyber defenders — but experts warn attackers will have at least the initial advantage.

Driving the news: Officials from the U.S. military and the private sector said new generative AI models are making it faster and easier to find software flaws, underscoring the need for companies to invest in autonomous defenses.

• "We're going to have a near-term window where offense is uniquely advantaged, period," Kevin Mandia, founder of Mandiant and CEO of Armadin, said on a panel Friday.
• Gen. Timothy Haugh, former head of the NSA and Cyber Command, argued the shift will hit under-resourced sectors hardest — and require federal intervention.
• "We obviously have organizations that are built to do this," Haugh said. "Are they going to be able to seize the moment at the national cyber director's office, what is left at CISA, and be able to at least articulate a framework that Congress would be willing to fund?"

Zoom in: Mandia warned cybercriminal groups — particularly in Russia — are likely to access open-source or general models using stolen credentials and train them to carry out attacks at a low cost.

• "That's our worry, and that, in my opinion, is probably inevitable," he said.

Between the lines: Part of the problem is the patching gap. Finding and exploiting security flaws is a whole lot easier than patching them.

Yes, but: The fear of U.S. government retaliation — whether in cyberspace, via sanctions or in a physical military operation — will likely keep hackers from turning off the lights and meaningfully going after critical infrastructure, Mandia told reporters after the panel.

OpenAI's new GPT-5.5 model can find bugs and write exploits, but it still struggles with the hardest part of hacking: deciding what's actually worth exploiting.

Why it matters: The fear of fully automated attacks has made a lot of headlines in the last month, but the models aren't necessarily capable of that reality — yet.

Zoom in: According to the system card for OpenAI's model, also known as Spud, here's how the improvements stand:

🚩 Capture the flag: GPT-5.5 completed 96.3% of capture-the-flag tasks across reverse engineering, cryptography and network exploitation — up from GPT-5.4-Thinking's 88.2%.

• Reality check: These are controlled environments, though, not messy real-world networks — which likely makes the model look more capable than it will be in practice.

🪑 Vulnerability hunting: In the more basic CVE-Bench test, GPT-5.5 identified 93.1% of vulnerabilities, a smaller gain over prior models.

• Evaluators gave the model a general description of the problem but no details about the specific flaw. The test was designed to see if the model could reason its way to the issue rather than recalling known bugs.

⛓ End-to-end attacks: In a longer, more realistic evaluation, GPT-5.5 completed 14 of 15 tasks needed to carry out a full cyberattack chain, including planning attacks, exploiting misconfigurations and linking multiple weaknesses together.

• The model improved on evading endpoint detection and response tools and escalating privileges using stolen or leaked credentials, which GPT-5.3-Codex and GPT-5.4-Thinking failed.
• However, the model could not forge a trusted certificate or carry out DNS poisoning, both important for stealthy network compromise.

🗓️ Multiday, complex tasks: GPT-5.5 can sustain multiday workflows like vulnerability research, proof-of-concept development and root-cause analysis — moving closer to something that looks like autonomous security research.

• But OpenAI noted that GPT-5.5. struggled with "exploit development judgment," or determining which bugs are worth pursuing and turning crashes into reliable exploits.

⚖️ What to watch: OpenAI says GPT-5.5 has its strictest guardrails yet, but the company hasn't detailed how those protections change what the model can actually do in offensive scenarios. The company may offer a more permissive version to vetted defenders through its Trusted Access for Cyber program.

• The company also says that the token cost for performing many of these tasks is lower than with GPT-5.4.

@ D.C.

👀 Sean Plankey has withdrawn his nomination to lead CISA. (Politico)

🏛️ House Republicans introduced two data privacy bills last week to protect personal and financial data and override state laws. (Axios)

🧳 The Trump administration pushed out the new leader of the Commerce Department's Center for AI Standards and Innovation over his past work with Anthropic just four days after he started. (Washington Post)

@ Industry

🪖More than 560 Google employees signed an open letter urging CEO Sundar Pichai to not allow the U.S. government to use the company's AI tools in classified military operations. (Financial Times)

🤖 Software company PocketOS said its Cursor AI coding agent deleted its entire production database and "all volume-level backups" in nine seconds. (The Register)

@ Hackers and hacks

⚠️ Itron, an equipment manufacturer for energy and water utilities, said it was recently hacked. (Cybersecurity Dive)

🇮🇹 Italy has extradited a suspected Chinese hacker to the U.S. to face charges that include stealing COVID-19 medical research. (Reuters)

☎️ Security researchers uncovered two spying campaigns exploiting weaknesses in telecom infrastructure that they believe are part of surveillance vendors' widespread push to break into phone networks. (TechCrunch)

☀️ 🏠 If you, too, are furiously watching "Summer House" this season and the drama surrounding it, please hit reply! I need more people to talk to about this.