The DOJ filed a brief this week warning against military use of Claude — and the same week Politico says the Pentagon is trying to adopt Mythos for offensive cyber work. Same government, opposite directions. It’s Anthropic Pentagon Watch. The D.C. Circuit heard oral argument on May 19, the DOJ’s counter-filing is in, and that Mythos-in-cyberweapons report is no longer just a rumor — now we’ve got the court record, the compliance fallout, and the contradiction in black and white. DOJ on paper: don’t militarize Claude. Pentagon procurement office, same week: we want Mythos for cyber weapons. At some point that’s not a contradiction anymore — it’s a department that can’t keep its own story straight. And Law360 has the part that lingers: every defense contractor trying to run Mythos is now staring at CMMC questions nobody has clean answers to yet. That’s the piece that outlasts the lawsuit. Lawfare writes:
On May 19, the D.C. Circuit Court of Appeals heard oral argument in Anthropic’s lawsuit against Secretary of Defense Pete Hegseth and the Department of Defense for its designation of the AI company as a supply chain risk. Judges Karen LeCraft Henderson, Gregory Katsas, and Neomi Rao questioned counsel for both parties
May 19 in the D.C. Circuit, three judges — Henderson, Katsas, and Rao — on the record with both sides. The panel pressed two different issues: whether the circuit even has jurisdiction to review a Pentagon designation decision, and how you write a stable ruling for technology that keeps moving while the case is still crawling along. That second question is the one I’d pin to the wall, because the Pentagon is out here saying the designation is legally sound while its own procurement track is reportedly pulling Mythos into offensive cyber development. Sure, the tech is changing — so is the government’s own position on whether it wants the thing. And now the DOJ’s formal counter-filing is in the same record. The Justice Department is warning against military use of Claude, while Politico and Gizmodo have documented Pentagon interest in Mythos for cyber-weapons work. Those two federal voices are not exactly singing from the same sheet, and the D.C. Circuit has that contradiction on its docket whether the judges asked for it or not. DOJ says don’t militarize it. Pentagon procurement says hold my budget request. Katsas and company got handed the institutional incoherence as a live exhibit. XIX.AI writes:
Anthropic has consistently built its identity around "AI safety," declining to allow its technology to be used for autonomous weapons or government surveillance. However, this principled stance now threatens its access to the lucrative military contracting sector. In contrast, competitors like Microsoft's OpenAI technology are reportedly undergoing testing with the Pentagon, despite having previously enforced similar usage restrictions.
The DOJ counter-filing is now on the record, and the government’s position is blunt: Anthropic’s use restrictions are the reason for the supply-chain-risk designation, and the compliance penalties that follow are the enforcement tool. So that hypothetical we kept talking around? The DOJ just told the court the designation is the lever, and it says that lever is lawful. And meanwhile, Politico and Gizmodo have the Pentagon’s procurement side actively shopping Mythos Preview for offensive cyber weapons. So Justice is in federal court warning that Claude can’t be trusted in combat systems, while the acquisition office is trying to slot a different AI into cyberweapons. Those two arms of the executive branch are not reading each other’s mail. Worth noting: Jeff Dean and colleagues from OpenAI and Google have filed in support of Anthropic. That’s the industry signaling that the ‘accept any lawful use or lose federal access’ standard has stakes beyond one company — but the DOJ’s filing makes clear the government isn’t treating this like a close call. The DOJ literally said Anthropic ‘cannot be trusted for integration into combat systems’ because it tried to set limits. That’s not a security finding — that’s a loyalty test. And the eight companies that stayed out of court just passed it by saying nothing. Okay, zoom out for me — if Anthropic actually wins this thing, what does winning even look like? Do they get their government contracts back, or is this just about clearing their name? The main prize is getting the supply-chain-risk designation removed — that’s the part doing the most concrete damage. Secretary Hegseth’s February 27 order didn’t just freeze Anthropic out of Pentagon work; per the Just Security analysis, it told every contractor, supplier, and partner doing business with the U.S. military that they couldn’t do any commercial activity with Anthropic either. That’s a secondary boycott rippling through the whole defense-contractor ecosystem. Judge Rita Lin’s preliminary injunction, issued March 26, blocks enforcement of both the governmentwide ban and the designation while the case moves forward, and she was explicit that the government’s actions looked ‘designed to punish Anthropic’ rather than protect national security, which is the First Amendment retaliation theory that could shape final relief. A final win would most likely mean the court vacates the designation and bars the agencies from bringing it back on the same legal theory. It would not force the Pentagon to buy Claude — procurement is still the executive branch’s call, and courts are very reluctant to order a specific purchase. But if the designation gets wiped out, doesn’t Anthropic still end up back in the same contract fight over military-use restrictions that kicked this off? Exactly — clearing the label gets Anthropic back to the table, but the underlying dispute over what Claude can and can’t be used for in a defense setting is still unresolved. And per the Center for Democracy and Technology’s May analysis, the fallout has already spread beyond the Pentagon to civilian agencies across the federal government, so the stakes are bigger than one customer relationship. Keep an eye on whether the court’s final ruling reaches the scope of the supply-chain designation authority itself — that’s the part that would actually change the rules for any AI company that later objects to how the government uses its models. From Mike Pearl at Gizmodo:
According to a report from Politico, the Pentagon is seeking to adopt and weaponize frontier AI models with hacking capabilities like Claude Mythos Preview. Politico’s reporting comes from a leaked email and two anonymous sources.
The Gizmodo piece, citing Politico via a leaked email and two anonymous sources, says Cyber Command chief Joshua Rudd announced this initiative earlier this month — and Mythos Preview is reportedly in the mix. Same Pentagon-AI access story we’ve been tracking, except now it’s the model the Pentagon’s own designation says they can’t touch. Let’s be precise about the absurdity here: the supply-chain-risk designation doesn’t just bar the Pentagon — it bars every Pentagon contractor. And the DOJ filed a counter-position this week warning against military use of Claude. So you’ve got Justice saying ‘don’t,’ and Cyber Command saying ‘we want the unreleased one, specifically.’ The designation is still live. The litigation is still pending. And Rudd’s office is apparently shopping for Mythos Preview anyway. That’s not irony anymore — that’s two federal bureaucracies acting like they share neither a legal team nor a calendar. And the Cloudflare finding on inconsistent guardrails in Mythos Preview is now a compliance question, not a theoretical one — because if this model ends up in offensive cyber operations, every contractor downstream has to figure out whether their CMMC obligations just got rewritten by Rudd’s announcement. Here's David Panzer at Law360:
Their article provides a critical analysis of how Anthropic’s Mythos AI model is fundamentally transforming the cyber threat landscape and the implications for defense contractor cybersecurity compliance. Key issues include the growing gap between existing security baselines like NIST 800-171 Rev. 2 and the new threat environment
Law360 is naming the downstream problem nobody in the courtroom has really dealt with: David Panzer and his co-counsels at Fluet argue that NIST 800-171 Rev. 2 and DFARS 252.204-7012 — the baseline cyber rules every defense contractor lives under — are already out of sync with what Mythos does to the threat environment. That’s not just a policy concern; that’s a compliance gap with contract penalties attached. And remember where Cloudflare landed: inconsistent guardrails on Mythos Preview. Now the Pentagon is reportedly pulling it into offensive cyber work. If the guardrails are already documented as inconsistent and the CMMC clock is still ticking for every prime and sub, the contractors who quietly said yes didn’t dodge Anthropic’s fight — they just inherited it through regulation instead of a lawsuit. The NDAA pathways Panzer flags are interesting — there may be statutory room to move CMMC faster than the usual rulemaking cycle. But ‘may offer pathways’ is not the same thing as ‘the rules are updated,’ and every contractor running Mythos right now is sitting in that gap. The eight companies that skipped the courtroom to get Pentagon access? Panzer’s piece reads like a memo to their compliance teams: you inherited the problem anyway, just without any say in how it gets resolved. If you follow Anthropic and the Pentagon, you’ll probably want The Data Center Daily: a daily briefing on AI compute, hyperscaler capex, the power grid, chips, and energy markets reshaped by intelligence at scale. Find it wherever you listen to podcasts.
You’ll find links to every story we covered today in the show notes, so if one caught your ear, you can go straight to the source and read more.
That’s Anthropic Pentagon Watch for today. This is a Lantern Podcast.