Google ties zero-day to criminal AI use | House marks up AI PLAN Act | Palantir gets NHS patient data

Bottom Line Up Front

Google linked a live zero-day exploit to criminal AI use, disclosing that attackers used AI to write a Python script that bypassed two-factor authentication on an open-source tool. House Financial Services set a Wednesday markup for H.R. 2152, the Artificial Intelligence Practices, Logistics, Actions, and Necessities (AI PLAN) Act and H.R. 4801, the Unleashing AI Innovation in Financial Services Act, advancing AI legislation alongside five other bills on the same docket. NHS England granted Palantir staff admin level access to identifiable patient records on the Federated Data Platform, drawing warnings from MPs over privacy safeguards. U.S. scientists pressed Congress to restore the NSF Board after Trump administration dismissals slowed grant making, citing the risk of falling behind China on AI research ahead of the May 14-15 Beijing summit.

I.AI Policy Today

Google attributes a working zero-day exploit to criminal use of AI

Google said Monday it had disrupted a criminal group's attempt to use AI to find and exploit a previously unknown vulnerability in a popular open-source system administration tool, the Associated Press reported. John Hultquist, chief analyst at Google's Threat Intelligence Group, said: "It's here. The era of AI-driven vulnerability and exploitation is already here." The exploit was a Python script that bypassed two-factor authentication by abusing a faulty trust assumption, CSO Online reported. The case shows AI generated exploits can target high-level logic flaws rather than memory corruption bugs. Google declined to name the targeted vendor or the AI model the attackers used, saying only that the model was most likely not Google's Gemini or Anthropic's Claude Mythos. The disclosure follows the IMF's May 7 warning that AI driven cyber attacks could trigger a macro-financial shock, as reported by The Wall Street Journal in AIPD's May 8th edition.

Read at AP ↗ • Read at CSO Online ↗

House Financial Services schedules Wednesday markup of AI PLAN Act and AI Innovation in Financial Services Act

The House Financial Services Committee will mark up H.R. 2152, the Artificial Intelligence Practices, Logistics, Actions, and Necessities (AI PLAN) Act, and H.R. 4801, the Unleashing AI Innovation in Financial Services Act, on May 13, according to the committee notice. The committee will also consider H.R. 2978 (the Guarding Unprotected Aging Retirees from Deception, or GUARD Act), H.R. 5396 (the Price Stability Act of 2025), H.R. 8278 (the Fostering the Use of Technology to Uphold Regulatory Effectiveness in Supervision, or FUTURES Act), and H.R. 8671 (the Bank Fraud Technology Advancement Act of 2026).

Read at House Financial Services ↗

NHS England grants Palantir contractors "unlimited access" to identifiable patient data on Federated Data Platform

NHS England agreed to set up an admin role that gives staff from Palantir and other contractors unlimited access to identifiable patient data inside the Federated Data Platform, the Financial Times reported, citing an internal briefing. The change covers the National Data Integration Tenant, a holding layer for data before pseudonymisation. Palantir won a £330 million ($444 million) contract in 2023 to build the FDP. MPs warned that the decision is "dangerous" and will fuel concerns that data privacy is not being prioritized, The Guardian reported. The leaked briefing recommended that external admin permissions be time-limited and subject to periodic review.

Read at FT ↗ • Read at Guardian ↗

Scientists urge Congress to reverse NSF Board dismissals, warning of AI research disadvantage to China

A group of U.S. scientists pressed Congress on Monday to act over the Trump administration's dismissal of the National Science Foundation Board and the slowed pace of NSF grant making, the New York Times reported. The scientists warned that the slowdown could put the United States at a disadvantage with China on AI and other foundational research. The National Science Board oversees NSF and the dismissals are tied to the broader Trump administration push on science funding. The scientists' push comes ahead of the Trump-Xi summit on May 14 and 15 in Beijing.

Read at NYT ↗

Bipartisan U.S. lawmakers urge Trump to clear stalled Taiwan arms sale before Xi summit

A bipartisan group of U.S. senators is pressing the Trump administration to proceed with a Taiwan weapons sale that has been held up for months, the New York Times reported. The lawmakers are pushing for clearance ahead of President Trump's meeting this week with Chinese President Xi Jinping. Senators told Taiwanese counterparts to expect approvals in the coming weeks, MarketScreener reported. The summit is scheduled for May 14 and 15 in Beijing.

Read at NYT ↗ • Read at MarketScreener ↗

AI placed among top three agenda items for Trump-Xi Beijing summit on May 14 and 15

Brookings Institution senior fellow Patricia Kim told NPR ahead of the meeting that AI joins the Strait of Hormuz and Taiwan as the three top items on the Trump-Xi summit table. The trip reflects President Trump's second-term turn toward foreign policy, Bloomberg reported. Trump has shown greater ambivalence toward Taiwan in his second term, raising questions about U.S. support for the island ahead of the meeting, the Associated Press reported.

Read at NPR ↗ • Read at Bloomberg ↗ • Read at AP ↗

II.China Watch

ByteDance lifts 2026 AI infrastructure budget 25% to $28 billion

ByteDance has raised its 2026 capital expenditure plan for AI infrastructure to 200 billion yuan ($28 billion), up from the 160 billion yuan ($22 billion) budget set late last year, TechNode reported Monday, citing people familiar with the matter. Rising memory chip costs and a push to scale generative AI training are driving the increase. A larger share of the budget will now go toward domestic AI chips. The jump in capital expenditure signals sustained demand pressure on Chinese alternatives to Nvidia accelerators that remain subject to U.S. Commerce Department export controls. It also reinforces ByteDance's positioning as a buyer of the domestic chip stack Beijing is racing to mature.

Read at TechNode ↗

BAAI releases FlagSafe large language model safety system

The Beijing Academy of Artificial Intelligence, together with Peking University, Beihang University and other institutions, released a model safety system called FlagSafe, per PingWest. The system covers red team exercises, blue team defense and white-box analysis. It is designed to provide a closed loop spanning risk discovery, governance and interpretation. BAAI, a state-affiliated lab that has hosted Beijing's annual AI Safety International Dialogue, is positioning itself as a domestic standard-setter for safety evaluations as Chinese regulators continue building out the technical layer of Cyberspace Administration of China (CAC) model oversight. As a single-source PingWest item, the launch should be read with lower confidence pending independent corroboration.

Read at PingWest ↗

DeepSeek funding round draws Tencent, Alibaba and state Big Fund into bidding war

DeepSeek is seeking up to $7.35 billion in its first external financing round, with Tencent, Alibaba and affiliates of China's state-backed Big Fund competing as bidders, per Pandaily. Founder Liang Wenfeng has pushed to keep the company independent and is resisting larger ownership stakes from any single backer. AIPD's May 6th edition flagged initial Bloomberg reporting on the Big Fund's lead role; the latest reporting adds Tencent and Alibaba as competing bidders alongside the state vehicle. The bidding contest signals that Beijing now treats DeepSeek as a national champion worth subsidizing across both state and private capital. U.S. policymakers may weigh that structure as House Foreign Affairs Committee export control bills targeting Chinese AI model distillation continue to advance.

Read at Pandaily ↗

Alibaba to fold Qwen AI agent into Taobao with end-to-end purchase control

Alibaba is preparing an integration of its Qwen AI platform with Taobao and Tmall, replacing keyword search with a conversational shopping agent that can browse the catalog of more than 4 billion products, compare prices and place orders, per TechNode. The agent draws on a "skills library" handling logistics, after-sales service and order history recommendations. Transactions complete through Alipay, with the agent stepping back only for final user confirmation. Handing the agent direct control over consumer payment flows will test how China's algorithm registry and generative AI labeling rules apply to autonomous purchasing decisions that an AI system makes on a user's behalf.

Read at TechNode ↗

PLA defense expo showcases AI mine-clearing underwater drones and combat robot dogs

The 2026 Chengdu Defence Technology Industry Expo featured submarine-launched autonomous underwater vehicles capable of detecting and neutralizing naval mines, designed for deployment from 260mm and 533mm torpedo tubes, the South China Morning Post reported. The larger model can operate at depths of up to 9,800 feet. People's Liberation Army robot dogs and "robot wolves" intended as mobile weapons platforms able to operate under recoil and blast impacts were also on display. The disclosures sit at the dual-use AI capability boundary that U.S. and Chinese officials are being urged to address through military AI confidence building measures ahead of the Trump-Xi summit.

Read at SCMP ↗

III.Capability & Research Watch

Microsoft Q1 2026 diffusion report finds 17.8% global generative AI use, 27.5% in developed economies

Microsoft's Quarterly AI Diffusion Report for Q1 2026 found generative AI was used by 17.8% of the working-age population worldwide, with adoption reaching 27.5% in developed countries, ChinaTechNews reported. The gap between developed and developing economies widened during the quarter. The Q1 report is the company's latest quarterly cut of self-reported AI use across labor markets. The 27.5% developed country figure compares with the 17.8% global headline.

Read at ChinaTechNews ↗

Guardian reframes AI workplace risk around algorithmic management and surveillance, not displacement

The danger AI poses at work is the growing divide between workers who use AI and those managed by it through opaque surveillance and control systems, The Guardian reported. The piece says the policy debate over AI and labor is "stuck in the wrong place" between job-apocalypse warnings and productivity promises. Workplace examples come from Britain, Kenya and the United States.

Read at Guardian ↗

WSJ tests find ChatGPT, Gemini and Claude give widely divergent answers on which jobs AI will displace

Economists asked ChatGPT, Gemini and Claude which jobs are most exposed to AI, and the answers varied across the three models, The Wall Street Journal reported. The exercise tested how policymakers and researchers leaning on AI itself for labor-impact forecasts should consider the use of any single model as a forecasting tool.

Read at WSJ ↗

MAGIQ paper proposes post-quantum, provably secure governance for multi-agent AI systems

A new arXiv paper introduces MAGIQ, a multi-agent AI governance system with provable post-quantum security guarantees. The authors write that current agentic governance architectures lack accountability primitives for the messages agents exchange. MAGIQ targets both agentic AI governance and the federal PQC migration timeline by retrofitting agentic AI deployments to NIST's post-quantum cryptography recommendations. NIST has recommended replacement of standard public-key algorithms including RSA, Diffie-Hellman and elliptic-curve cryptography to ensure long-term quantum resistance.

Read at arXiv ↗

IV.Industry & Market Watch

Cerebras lifts IPO target to $4.8 billion as AI chipmaker's pricing range climbs

Cerebras Systems increased the size and price range of its initial public offering, now seeking to raise as much as $4.8 billion, Bloomberg reported. Demand for the AI chipmaker and data center operator's shares continues to build. The company is now offering 30 million shares at $150 to $160 each in a May 11 SEC filing, Communications Today reported. The upsize follows Cerebras' earlier $3.5 billion target reported by SiliconANGLE in AIPD's May 5th edition.

Read at Bloomberg ↗ • Read at Communications Today ↗

Microsoft and G42's $1 billion Kenya data center stalls over guaranteed payment demands

Microsoft's East Africa data center site has been delayed by disagreements with the Kenyan government over the company's request for guaranteed annual capacity payments, Bloomberg reported, citing people familiar with the matter. Microsoft and UAE partner G42 had asked the government to commit to paying for a certain amount of capacity annually; when Kenya could not provide the guarantees at the level Microsoft requested, the talks broke down. The group may scale back the project. Kenyan Principal Secretary John Tanui said in an interview that Kenya was moving ahead and that the project was "not failed or withdrawn," with the scale still requiring some structuring. Kenyan President William Ruto has said the original 1 GW design would absorb a third of the country's 3 GW supply, per DataCenterDynamics.

Read at Bloomberg ↗ • Read at Communications Today ↗ • Read at DataCenterDynamics ↗

OpenAI launches DeployCo with $4 billion seed funding and acquires Tomoro to staff PE-backed enterprise venture

OpenAI said Monday it is setting up a new company with more than $4 billion in initial investment to help organizations build and deploy AI systems, Reuters reported. The company will acquire AI consulting firm Tomoro to staff the unit. The new entity, OpenAI Deployment Company, will be majority owned and controlled by OpenAI and is structured as a private equity-backed joint venture, Bloomberg reported. Tomoro was formed in 2023 in alliance with OpenAI and counts Mattel and Red Bull among its clients. The acquisition brings roughly 150 AI engineers and "deployment specialists" to the new unit on day one.

Read at Bloomberg ↗ • Read at Reuters ↗

SoftBank launches Japan zinc battery JV with Cosmos Lab and DeltaX to power AI data centers

SoftBank Group's telecommunications arm will build large-scale battery cells and storage systems in partnership with Cosmos Lab and DeltaX, The Wall Street Journal reported. The unit also plans to expand into selling AI computing power and manufacturing large-scale battery cells to address growing AI hardware demand, Bloomberg reported. SoftBank set up two joint venture vehicles, AX Factory for AI data center operations and hardware manufacturing and GX Factory for next-generation batteries and solar panels, with a target of 1 GWh of annual production starting in the April 2027 fiscal year. The company is targeting more than 100 billion yen ($640 million) in annual revenue from the new battery business by fiscal year 2030.

Read at WSJ ↗ • Read at Bloomberg ↗

Nvidia commits up to $2.1 billion to neocloud IREN, anchoring 5 GW DSX-aligned compute deployment

Nvidia will invest up to $2.1 billion in data center operator IREN as part of a deal to deploy up to 5 gigawatts of AI infrastructure, AI Business reported. IREN issued Nvidia a five year right to buy contract up to 30 million shares at $70 per share, Reuters reported. Future deployments are expected to focus on IREN's 2 GW Sweetwater campus in Texas, with the two facilities set to host Nvidia's DSX reference architecture, per DataCenterDynamics.

Read at AI Business ↗ • Read at Reuters ↗ • Read at DataCenterDynamics ↗

V.Global & Geopolitics

South Korean military explores Hyundai robotics partnership as troop numbers fall

South Korea's defense ministry told Bloomberg it is discussing a partnership with Hyundai Motor Co. to deploy robotics to the front lines as Seoul accelerates investment in AI-powered unmanned systems to address a deepening troop shortage. The army is considering machines for noncombat roles including surveillance, reconnaissance and logistics. Potential deployments include Boston Dynamics' Spot four-legged robot, the MobED mobility droid and the X-ble Shoulder exoskeleton, the Korea Economic Daily first reported. South Korea's standing forces have shrunk 20% in the past six years to 450,000.

Read at Bloomberg ↗ • Read at The Star ↗

AI defense firm Helsing closes in on $1.2 billion raise at $18 billion valuation

Helsing is set to raise $1.2 billion at an $18 billion valuation, the Financial Times reported. The round is led by U.S. investor Dragoneer with Lightspeed Venture Partners, alongside existing backers including General Catalyst. No German startup has previously closed a $1.2 billion round, per Handelsblatt. The company is backed by Plural and Spotify co-founder Daniel Ek. Lightspeed is an existing Helsing investor; Dragoneer is the new lead.

Read at FT ↗ • Read at Handelsblatt ↗