// tl;dr
Anthropic closed a $65 billion Series H at a $965 billion post-money valuation on Thursday, more than tripling its February mark and passing OpenAI as the most valuable AI company. The same day, it shipped Claude Opus 4.8, which was evaluated as roughly four times less likely than Opus 4.7 to let flaws in generated code pass without acknowledgment. Strategic infrastructure partners Samsung, SK Hynix, and Micron joined the round; $5 billion came from Amazon.
A Texas data-center developer filed a $100 million federal lawsuit against Hill County on Wednesday, three weeks after the county passed a 12-month moratorium on data-center construction over its own attorney’s warning that the moratorium was illegal. RCM Hill says it spent more than 16 months and millions of dollars planning a 1,235-megawatt data center on 800 unincorporated acres. The complaint quotes the May 12 commissioners’ meeting, where Judge Brassell said, “It’s illegal,” before voting yes anyway.
Pennsylvania Governor Josh Shapiro released the first state-level cost-allocation standards for AI data centers on Wednesday. Developers seeking state tax benefits and fast-track permitting must pay entirely for their own energy build-out so home electric bills do not rise, deliver 200 prevailing-wage construction jobs, and create 50 permanent jobs at 125% of Pennsylvania’s average statewide wage. Shapiro is sending legislation to the General Assembly to codify GRID into law.
CNN filed suit against Perplexity in federal court on Thursday for scraping more than 17,000 CNN stories, photos, and videos to train its AI search index, plus a trademark claim that Perplexity falsely advertised CNN premium access through its “Comet Plus” tier. CNN is the first TV network to sue an AI scraper. Perplexity’s chief communications officer answered with four words: “You can’t copyright facts.”
Malwarebytes and Help Net Security documented a malware campaign this week distributing fake Claude AI and ChatGPT installers on GitHub and SourceForge, promoted through compromised YouTube tutorial channels with 50,000-plus views. The payload installs a backdoor called DinDoor that loads a Deno-based remote access Trojan in memory. The Trojan targets more than 50 crypto wallet apps, including MetaMask, Trust, Phantom, Atomic, Exodus, and Electrum, as well as browser credentials and clipboard history.
Canada’s Public Safety Minister committed this week to amending Bill C-22 to strip the encryption-backdoor mandate and the one-year metadata retention requirement, after Apple, Google, Signal, Meta, and major VPN providers, including Proton, submitted public objections. Apple’s filing: “This legislation could allow the Canadian government to force companies to break encryption by inserting backdoors into their products, something Apple will never do.” Minister Anandasangaree said the encryption issue was “never meant” by the bill and will be clarified before the committee.
Two and a half years ago, Anthropic was a small AI safety lab that did not even have a billion dollars in revenue. Today, the company raised $65 billion at a $965 billion valuation and quietly leapfrogged OpenAI to become the most valuable AI company in the world. The same day, it shipped Claude Opus 4.8, the first frontier model evaluated as substantially less likely to lie about its own code than its predecessor. Outside the lab, the bills kept landing where they have all month: in Texas, a data-center developer sued the rural county that paused his build for one hundred million dollars; in Pennsylvania, the governor told developers they will pay for their own power; in New York, CNN sued Perplexity for scraping its newsroom; on YouTube, hackers built a campaign that drains your crypto wallet through a fake Claude installer; and in Ottawa, Apple, Google, and Signal forced the federal government to walk back an encryption backdoor it tried to put into law.
Anthropic closed a $65 billion round and overtook OpenAI; a Texas developer countersued his county for $100 million; Pennsylvania told data centers to pay their own power bills; CNN sued Perplexity; fake Claude installers landed on YouTube; and Apple and Google made Canada strip an encryption backdoor from a bill.
1. Anthropic closed at $965 billion today and overtook OpenAI as the most valuable AI company. The same day, it shipped a Claude designed to say when it does not know.
Continuing 5.22 #1 (OpenAI files confidential IPO papers) and 5.23 #2 (Anthropic was closing a $30B-plus round at a valuation above $900 billion). Today the round closed at more than double the rumored size, the valuation was finalized above OpenAI’s last private mark, and the new model shipped the same hour.
On Thursday, Anthropic announced it had closed a $65 billion Series H at a $965 billion post-money valuation, almost triple the company’s $380 billion mark from February and ahead of OpenAI’s last publicly reported valuation. The round was co-led by Altimeter Capital, Dragoneer, Greenoaks, Sequoia Capital, Capital Group, Coatue, and D1 Capital Partners. Strategic infrastructure partners Samsung, SK Hynix, and Micron joined the round. About $15 billion of the round consisted of previously committed hyperscaler money, including $5 billion from Amazon. The company said its annualized run-rate revenue crossed $47 billion earlier this month, up from a $30 billion run rate at the start of the year.
The same day, Anthropic released Claude Opus 4.8. The release notes describe it as a model focused on agentic tasks and advanced coding, with a behavioral upgrade Anthropic frames as “honesty and self-correction.” On Anthropic’s internal evaluations, Opus 4.8 is roughly four times less likely than Opus 4.7 to allow flaws in code it generated to pass without acknowledgment.
The model is the immediate default for paid Claude users on the web and through the API. The valuation announcement and the model release on the same day are not a coincidence: Anthropic is staking its claim to the most valuable position with a model whose distinguishing characteristic is that it says when it does not know, at the same hour the round closes, putting it ahead of OpenAI.
Why this matters: If you use Claude at work, the model that responds to your prompt this morning is a new one and was specifically trained to tell you when its generated code looks wrong to it. The honesty framing is the editorial story; the valuation is the structural one. The safety lab passed the speed lab on price. Whoever is paying the bills inside your company for AI services now has a new entry at the top of the most-valuable-private-company list, and that entry’s pitch is “we will say when we do not know.” That changes the conversation about which model gets put in front of a customer-facing decision.
Action this week: Open Claude.ai and check which Claude model is set as the default for your team plan; if it is still Opus 4.7, the upgrade has not propagated yet. If your team has an evaluation suite, rerun the code-flaw acknowledgment cases before the next sprint. If you work in IT procurement and have a multi-year Claude commit on the books, pull up your contract and find the model-version clause; the pricing tiers for Opus models may shift in the weeks after a flagship release.
techcrunch.com: Anthropic raises $65 billion, nears $1T valuation ahead of IPO
anthropic.com: Anthropic raises $65B in Series H funding at $965B post-money valuation
2. A Texas data-center developer sued Hill County for $100 million on Wednesday over the moratorium the county passed three weeks ago after its own attorney told the commissioners it was illegal.
Continuing the data-center community-pushback arc that ran 5.20 (Maine), 5.21 (Denver), 5.22 (Minneapolis), 5.26 (AOC + Meta water), and 5.28 (Minnesota Skyway TRO). Today the arc inverts: the developer sues the community.
RCM Hill, LLC, a Texas data-center developer, filed suit in the U.S. District Court for the Western District of Texas, Waco Division, on Wednesday, May 27, 2026, against Hill County, Texas, the county judge, and the three commissioners who voted yes on a 12-month construction moratorium on May 12. The complaint runs more than 60 pages and alleges damages “in excess of $100 million.” It asks the court to strike down the moratorium under Texas law, block enforcement, and award damages. RCM Hill says it spent more than 16 months and “millions” of dollars planning a 1,235-megawatt data center on roughly 800 acres in unincorporated Hill County before the moratorium passed.
The complaint quotes the May 12 commissioners' court meeting at length. According to the filing, County Judge Justin Brassell said “it’s illegal” before voting yes, Commissioner Jim Holcomb said “there’s no right way to do it, cause it’s against the law,” and County Attorney David Holmes told the court the commissioners lacked the legal authority to enact a moratorium.
The vote was 3-2 anyway. The case is the first instance in 2026 of a data-center developer using federal court to challenge a community moratorium for damages, and it lands in the same week Minnesota’s Goodhue County judge halted Google’s Project Skyway data center on records-disclosure grounds and Pennsylvania’s governor published the first state cost-allocation rules for new builds.
Why this matters: If your county or town is in an active fight against a data-center build, the developer’s legal playbook for hitting back is now on file in federal court. The complaint identifies which Texas-law preemption doctrines the developer relies on, which evidence from the public commissioners’ meeting it uses as admissions, and the amount it puts on damages. None of that was visible before this week.
Action this week: If you are on a county commission or town council weighing a data-center moratorium this summer, pull the RCM Hill v. Hill County complaint from PACER (filed in the Waco division of WD Tex this week) and read it before the vote, because the developer in your jurisdiction will. If you are a resident, look up the same complaint and check whether your county’s enabling statute differs from Texas’s. If you are an IT or operations leader at a Texas-based company evaluating a data-center site, the case puts a real number on the public-meeting record risk: the developer’s $100M damages claim is built almost entirely on what county officials said on the record before voting yes.
kwtx.com: Data center developer files lawsuit over ‘illegal’ moratorium in Hill County, Texas
3. Pennsylvania’s governor published the first state cost-allocation rules for AI data centers on Wednesday. Developers who want the tax breaks pay for their own power and put jobs on the prevailing wage.
Continuing the data-center community-pushback arc. This is the regulatory leg: the first US state to write the cost-allocation rule into a permit condition.
Pennsylvania Governor Josh Shapiro released the full Governor’s Responsible Infrastructure Development (GRID) Standards on Wednesday, May 27, 2026. The standards establish four pillars that data-center developers must meet to receive Pennsylvania’s tax benefits on data-center equipment purchases and access to the state’s Permit Fast Track Program: energy affordability, transparency and community engagement, workforce and economic development, and environmental protection. Under the energy-affordability pillar, developers are required to pay to bring enough new energy online so that home electric bills do not rise. Under workforce, developers must deliver at least 200 prevailing-wage construction jobs and at least 50 permanent jobs paying 125% of Pennsylvania’s average statewide wage. In this environment, developers must meet state requirements regarding water, air, and land impacts. Developers seeking certification submit a joint application to the Office of Transformation and Opportunity and the Department of Revenue.
The Shapiro administration is now drafting legislation to send to the General Assembly that would codify GRID into Pennsylvania law. Until that legislation passes, GRID is an executive-branch standard governing what projects qualify for state tax benefits and streamlined permitting, not a binding ban on projects that do not meet it. The structural significance is that Pennsylvania is the first US state to take a position on cost allocation: developers, not ratepayers, bear the burden of new energy required by a new data center. The policy lands in the same week the Trump Department of Energy issued its fifth emergency order forcing a retired Michigan coal plant to keep burning to serve AI-driven grid demand, an order that has put $180 million on Michigan ratepayers.
Why this matters: If you pay an electric bill in Pennsylvania, your state just told data-center developers that the additional generation they need to draw is theirs to fund, not yours. That is the first time a state has put that condition in writing as a permitting standard. If you live in any other state, the template is now public and can be cited at a state legislative hearing or in a public utility commission filing.
Action this week: Look up your state’s pending data-center legislation on your state legislature’s website; if there is a bill on tax breaks or permit acceleration, read it next to the Pennsylvania DCED page on GRID and ask your state representative whether the Pennsylvania energy-affordability pillar can be added. If you are at a utility, the GRID standard becomes part of how public-utility commissions in neighboring states will frame data-center interconnection requests. If you are at an electric cooperative or municipal utility, the Inside Climate News write-up has the full implementation detail and is the cleanest source for the cost-allocation mechanics.
pa.gov: Gov Shapiro releases full GRID standards to protect Pennsylvanians
4. CNN sued Perplexity in federal court Thursday for scraping 17,000 stories and faking a CNN partnership badge on its paid tier. Perplexity’s lawyer answered with four words.
CNN filed a copyright and trademark lawsuit against Perplexity AI on Thursday, May 28, 2026, in the U.S. District Court for the Southern District of New York. The complaint alleges that Perplexity “unlawfully crawls, scrapes, copies, and distributes” more than 17,000 CNN stories, photos, and videos from CNN.com and third-party platforms, using them to build the AI-first search index Perplexity feeds into large language models when users submit queries. The trademark claim is separate: CNN alleges Perplexity falsely advertised access to CNN premium content as part of its paid “Comet Plus” tier, including in marketing visible to logged-out users. According to CNN, the two companies tried to reach a licensing agreement in 2025; talks failed; CNN then blocked Perplexity’s scraping bot. The lawsuit is CNN’s first AI copyright filing and the first by any US television network.
Perplexity’s chief communications officer, Jesse Dwyer, responded in a written statement: “You can’t copyright facts.” The defense parallels the position Perplexity has taken in active suits filed by The New York Times and the Chicago Tribune: that the company indexes and summarizes public information rather than reproducing copyrighted expression. CNN’s complaint argues otherwise on trademark grounds, since the “Comet Plus” advertising claim was a representation about a business relationship that did not exist, which copyright does not reach but the Lanham Act does. The suit also names Anthropic and OpenAI indirectly through allegations that Perplexity’s index feeds tokens to models from both companies, which surface CNN-derived content in chatbot replies without payment or attribution.
Why this matters: If you use an AI tool to search for news, the question of which outlets are inside the index and what their material is worth has now reached the first TV network. The earlier suits from print outlets set the legal precedent; CNN’s filing is the test case for whether that pattern extends to video and broadcast newsroom output. If publishers win, the economics of AI search change, and the AI tool you use most starts paying for the news it cites, which changes the price, scope, or both. If publishers lose, the answer “AI summaries are free and unattributed” becomes settled, and the publisher ecosystem your news habit depends on shrinks.
Action this week: Open the AI tool you use most often for news; search for a CNN headline from this week and notice whether the response cites CNN by name and links to the original or paraphrases without attribution. If you pay for a news subscription, write down which outlets are showing up in your AI search and which are not, because the answer in three months will be different. If you work in legal or compliance and your company indexes public web content into an internal AI tool, the Lanham Act trademark claim in the CNN complaint is the new model risk: misrepresenting a content-licensing relationship is now an independent claim regardless of the copyright outcome.
cnn.com: CNN sues Perplexity over alleged AI copyright theft
5. Fake Claude and ChatGPT installers landed on GitHub and YouTube this week. The payload drains 50-plus crypto wallets. If you have installed an AI tool from a non-vendor link this month, check now.
Malwarebytes and Help Net Security documented a coordinated malware campaign this week that distributed trojanized installers posing as Claude AI desktop and ChatGPT installers (along with other popular software, including AutoTune, Kontakt, and Ableton Live) through repositories on GitHub and SourceForge.
Distribution runs through compromised YouTube tutorial channels, with videos promoting the fake tools accumulating more than 50,000 views. Victims are instructed to open a terminal and paste a command that downloads either an MSI installer (on Windows) or a PowerShell script (on macOS) from GitHub.
The script installs the legitimate Scoop package manager and WinGet, uses them to install the legitimate Deno JavaScript runtime, and then uses Deno to fetch the DinDoor backdoor in memory directly through standard input so the payload never touches disk.
Once installed, DinDoor connects to a command-and-control server and delivers a full remote-access Trojan. The Trojan’s capabilities include credential theft from browsers, screenshot capture, clipboard recording, and a hidden video stream using Microsoft Edge as cover. The wallet-targeting layer is the financial story: DinDoor specifically targets more than 50 cryptocurrency wallet browser extensions and software wallets, including MetaMask, Trust Wallet, Phantom, Atomic Wallet, Exodus, and Electrum. The package-manager hop and the in-memory payload delivery are the technical novelty: both legitimize the early execution stages with familiar software (Scoop, WinGet, Deno) and bypass disk-based detection. Help Net Security and Malwarebytes both note that the campaign has been live for at least several weeks and closely tracks the public timing of major Claude and ChatGPT search-interest spikes.
Why this matters: If you or anyone in your household has searched for how to install Claude or ChatGPT in the last few weeks, the second YouTube result for those queries may have led you to a malware installation that has been running on your laptop ever since. The campaign explicitly targets crypto wallets, but the same backdoor steals browser credentials, clipboard history, and screenshots. The correct install paths for Claude are claude.ai (web) and Anthropic’s published desktop downloads; for ChatGPT, they are chatgpt.com and OpenAI’s published desktop downloads. Nothing pasted from a terminal command from a YouTube video should ever land on your system.
Action this week: Pull up YouTube right now and search “how to install Claude” and “how to install ChatGPT” in a fresh session, and notice which channels are run by Anthropic and OpenAI versus everyone else; then sit your kid, your parent, or whoever in your house installs software down for two minutes and walk through it together. If you have any crypto wallet installed, check your transaction history for unexpected sends and rotate the seed phrase if anything looks off. If you administer a network with developer workstations, search your endpoint logs for unexpected Scoop, WinGet, or Deno installs in the last 60 days that are not on a developer’s known-tools list.
helpnetsecurity.com: Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware
6. Apple, Google, Signal, and Meta forced Canada’s Public Safety Minister this week to commit to stripping the encryption-backdoor language out of Bill C-22 before it goes back to committee.
Canada’s Bill C-22, the federal Lawful Access Act, was introduced this spring as a framework for police access to encrypted data and stored telecommunications metadata. As drafted, the bill would compel services that offer end-to-end encryption, including iMessage, Google Messages, WhatsApp, and Signal, to build a path for the Canadian government into the encrypted protocol, and would require telecommunications and platform companies to retain certain user metadata for up to one year.
This month, Apple, Google, Signal, Meta, and major VPN providers, including Proton, filed public objections with the House of Commons. Apple’s written submission read in part: “Bill C-22, as drafted, would undermine our ability to offer the powerful privacy and security features users expect from Apple.
This legislation could allow the Canadian government to force companies to break encryption by inserting backdoors into their products, something Apple will never do.” The Electronic Frontier Foundation filed a parallel objection.
On Wednesday, Public Safety Minister Gary Anandasangaree told reporters that he will propose amendments to Bill C-22 to address the encryption and metadata concerns before the bill returns to committee in June. Anandasangaree said: “The encryption issue is one we will clarify because this bill was never meant to breach encryption. We will clarify it in the bill, and we look forward to working with the opposition on appropriate language that we can live with.” The minister did not commit to specific amendment text, and the timeline gives him roughly four weeks to publish the revisions before the committee window opens. Bill C-22 follows last year’s Bill C-26, which the EFF described as “a surveillance nightmare” and which was widely understood to be the same legislation with a different number. The retreat on the encryption clause is the first material concession from the federal government since the bill was introduced.
Why this matters: If you use iMessage, WhatsApp, or Signal for anything sensitive (about your health, your money, your kids, your work), the Canadian government this week stepped back from a proposal that would have legally compelled the people who make those apps to put a key for police into the encryption. The proposal is not dead. The minister has promised to amend, not withdraw. But the public objections from Apple, Google, Signal, and Meta worked, and the template for how a tech-platform pushback can force a backdoor mandate into a national bill is now visible. The next country to try the same drafting will see this playbook.
Action this week: If you live in Canada, write your Member of Parliament before June and ask them to vote against any amendment language that still permits a “lawful access” requirement on end-to-end encrypted protocols. If you live in the US, the EFF’s Bill C-22 page has the side-by-side of what the original draft would have required and what the amendments are expected to remove; that is the document to forward when a US lawful-access bill drops. If you administer encrypted messaging at a company, the Apple submission is the cleanest text to cite in your own regulatory comments.
theglobeandmail.com: Ottawa plans amendments to lawful-access bill amid backlash
» What to watch this week
Anthropic’s first SEC filing. The TechCrunch story explicitly frames the $65 billion Series H as “the last private round” before an IPO. If S-1 paperwork lands at the SEC in the next 60 days, the Anthropic-OpenAI valuation race becomes a public-markets question, and the prices of every enterprise Claude contract get repriced in a new context.
The first hearing in RCM Hill v. Hill County. The federal court’s initial conference will set the discovery schedule and clarify whether the developer’s $100 million damages claim survives a motion to dismiss. Whatever the court rules on the Texas-law preemption question is the precedent every other developer reads before deciding whether to sue back.
The Pennsylvania General Assembly bill introducing GRID into law. The Shapiro administration said legislation is being drafted. The bill number and the committee assignment are the next milestones. Whether GRID survives a Republican-controlled legislative committee is the test of whether the Pennsylvania model exports.
Perplexity’s answer to the CNN complaint and a status hearing in the parallel NYT case. Perplexity has not yet filed its response to CNN. The motion to dismiss will tell us whether Perplexity treats the trademark claim around “Comet Plus” as a serious risk. The Southern District of New York has had AI copyright matters on the docket since 2023; the CNN suit gets routed into the same judicial pipeline.
Whether GitHub and YouTube remove the DinDoor distribution repos and channels. Both companies have abuse-reporting workflows for malware-hosting accounts. The next 72 hours will show whether the documented campaign is pulled or new repos and channels appear faster than enforcement can remove them, which is the bellwether for how the next AI-themed malware wave unfolds.
The specific text of the Bill C-22 amendments when they land. Public Safety Minister Anandasangaree committed to amendments; the test is whether the amended bill removes the legal compulsion on end-to-end encrypted services or just rephrases it. EFF and Michael Geist will both publish line-by-line analysis; that analysis is the document to forward when the same drafting language appears in a US bill.
Tomorrow’s signal lands here.
PickBits Daily Signal is a working brief by Mark Pickering. Twenty years of shipping apps and workflow automation, with the last stretch on agentic workflows on ServiceNow. The newsletter is free. If a friend forwarded this to you and you want it in your inbox, subscribe at pickbitsai.substack.com.
