Defense AI, Firefox Bugs, and Bot Buyouts

Welcome to AI News in 10, your top AI and tech news podcast in about 10 minutes. AI tech is amazing and is changing the world fast, for example this entire podcast is curated and generated by AI using my and my kids cloned voices...

It's Saturday, May 2, 2026, and today we're watching defense, browsers, bots... and a big wave of consolidation in conversational AI. Here's what's on deck: the Pentagon is expanding its AI partners for classified networks, Meta quietly bought a humanoid robotics startup, Mozilla used Anthropic's Mythos to uncover hundreds of Firefox bugs, Trellix confirmed a source code breach, and SoundHound is buying LivePerson to stitch voice agents and digital messaging into one platform. Let's dive in.

[BEGINNING_SPONSORS]

First up, the U.S. Defense Department is deepening its AI bench for the most sensitive missions.

On Friday, the Pentagon said it signed new agreements with Nvidia, Microsoft, Amazon Web Services, and Reflection AI to deploy their models and hardware on classified networks for lawful operational use. The deals build on earlier arrangements with Google, OpenAI, and SpaceX—part of an explicit push to avoid vendor lock-in by creating a diversified AI architecture across IL6 and IL7, the highest tiers for national security workloads.

The department also highlighted rapid adoption of GenAI.mil, its internal generative AI portal, which it says has already been used by more than 1.3 million Defense Department personnel for research, drafting, and analysis. TechCrunch reports that Oracle was also named on the Pentagon's X account as joining the classified AI roster—another signal this is moving fast and getting broad.

What's the takeaway? This isn't pilot land anymore... the DoD is standardizing how advanced models get deployed behind the wire—multiple clouds, multiple model families, and clear pathways into the workflows commanders actually use. If you're a builder selling into the public sector, compliance at IL6 and IL7—and your story on human-in-the-loop controls—just went from nice to have to table stakes.

Story two: Meta just bought a robotics startup to accelerate its humanoid ambitions.

The company acquired Assured Robot Intelligence—ARI—for an undisclosed price. ARI focuses on foundation models for robot control in complex, human-centered environments. Its cofounders include Xiaolong Wang, formerly at Nvidia and UC San Diego, and Lerrel Pinto, an NYU professor who previously co-founded a kid-scale humanoid shop that was later snapped up by Amazon. The ARI team is joining Meta's Superintelligence Labs, where the remit is building frontier models that can reason and act—not just chat.

If you're wondering why a social giant wants robots... here's the bet. Many researchers think human-level AI will require grounding in the physical world—learning by interacting, not just ingesting internet text. So whether or not Meta ever launches a consumer humanoid, the data—and the control policies robots generate—could be central to its long-term AI stack. TechCrunch says the internal memo frames ARI as a catalyst for whole-body humanoid control. Ars Technica also notes the alignment with Meta's in-house models like Muse Spark.

Story three: a big milestone in cyber defense, powered by AI.

Mozilla says an early version of Anthropic's Claude Mythos Preview helped its engineers identify 271 vulnerabilities in Firefox version 150—fixes that shipped this month. In a plain-spoken blog post, Firefox CTO Bobby Holley said defenders finally have a chance to win, decisively, arguing that models like Mythos can now reason through source code the way elite researchers do—but at machine speed and scale. Coverage from Ars Technica adds that Mozilla hasn't seen brand-new bug categories that only AI can find; what's changed is the speed and coverage of finding what humans could, in theory, uncover with enough time. It's a shift away from pure fuzzing toward reasoning over the codebase—and it's strong evidence that large models can tip the offense versus defense balance... if teams can keep up with remediation.

Two practical notes for security leads. First, AI expands your finding capacity, so your bottleneck moves to tracking and patching. Second, Holley warns against codebases growing beyond human comprehension as AI writes more of our software—something to keep in mind as you adopt AI coding agents in production.

[MIDPOINT_SPONSORS]

Story four: Trellix confirms a source code breach.

The cybersecurity vendor says a portion of its internal repositories were accessed without authorization. Early reporting highlights that attackers gained access to Trellix source code—details are still emerging—but the incident lands amid a wave of supply-chain compromises already touching high-profile dev stacks and hosting providers. Integrity360 circulated an advisory summarizing the Trellix incident and recommending immediate credential rotation and secret scanning across dependent repos. The broader pattern we've been following: attackers pivot from CI/CD tokens to package registries and back again... chaining multiple weak links across the software build chain. If your teams rely on vendor SDKs or EDR connectors, this is a good weekend to re-verify signed artifacts, SBOMs, and your own GitHub Actions permissions.

Zooming out, recent breaches at development platforms and app hosts have shown how an upstream compromise can cascade downstream into many orgs—long after the initial disclosure. Keep an eye on Vercel's incident fallout and similar supply-chain advisories, and consider kill-switch playbooks for rotating keys and revoking tokens at scale.

And story five: consolidation in conversational AI—SoundHound is buying LivePerson.

The companies announced a definitive agreement that values LivePerson's equity at roughly 43 million dollars, with an implied enterprise value around 250 million after factoring in debt. At closing, SoundHound expects to receive about 74 million dollars of LivePerson's cash.

Why it matters. LivePerson processes on the order of a billion customer messages a month and has long relationships with large enterprises. SoundHound brings proprietary voice agents, real-time on-device speech tech, and its Agentic Plus framework. Combined, they're pitching an omnichannel platform—voice, chat, and task-oriented AI under one roof—with coverage that includes roughly a quarter of the Fortune 100, according to the companies. In a year when many enterprises want fewer vendors and clearer ROI from AI, this is the kind of scale-through M and A play we expect to see more of.

Quick recap before we go.

The Pentagon's classified AI push formalizes a strategy with multiple vendors and multiple clouds for mission AI... Meta's ARI deal points to embodied intelligence as a core strategy, not a side bet... Mozilla's Mythos experiment suggests AI can drastically accelerate vulnerability discovery—shifting the bottleneck to fixes... Trellix's breach is a reminder to harden your build chains and rehearse key rotations... and SoundHound plus LivePerson signals that voice agents and chat ops are converging into full-stack customer platforms.

We'll be back tomorrow with more.

Thanks for listening and a quick disclaimer, this podcast was generated and curated by AI using my and my kids' cloned voices, if you want to know how I do it or want to do something similar, reach out to me at emad at ai news in 10 dot com that's ai news in one zero dot com. See you all tomorrow.