Andrew Davies

5/20/2026

Infrastructure Becomes the Control Surface: Morning Brief, May 20, 2026

The day's strongest articles are not about isolated breakthroughs. They show control moving into the connective layers beneath operations: portfolios, protocols, data layers, agent connectors, market rules, build chains.

morning briefsource-backed researchindustry signalsstrategyrisk intelligencetechnology changeAI strategycybersecurity

Short answer

The day's strongest articles are not about isolated breakthroughs. They show control moving into the connective layers beneath operations: portfolios, protocols, data layers, agent connectors, market rules, build chains, national compute, search distribution, and adaptation indicators.

This Morning Brief was published for May 20, 2026. It preserves the source trail behind the day's strongest signals and frames them for public strategy readers.

The day's strongest articles are not about isolated breakthroughs. They show control moving into the connective layers beneath operations: portfolios, protocols, data layers, agent connectors, market rules, build chains, national compute, search distribution, and adaptation indicators.

Executive Signals

  • Acquisition authority is being reorganized around mission plumbing: The Space Force missile-warning PAE, SOCOM's autonomy complaints, and NGC2 experiments all show defence modernization moving from individual platforms toward portfolio ownership, shared data layers, and faster integration authority.

  • Agent markets are consolidating around connective tissue: Anthropic's Stainless acquisition and KPMG alliance show model competition turning into control over SDKs, MCP servers, deployment partners, governed work surfaces, and professional-service distribution.

  • Market infrastructure is being reopened to tokenization: The SEC's expected innovation exemption could let tokenized public equities trade through crypto-native rails, creating a live test of whether market access can move faster than investor protection and issuer consent norms.

  • Operational trust is being pushed into the build chain: The AntV npm compromise and CISA's OT zero-trust guidance both show that trust can no longer sit at the perimeter. It has to live inside packages, build runners, identities, industrial assets, and supply-chain governance.

  • Sovereignty is becoming a physical infrastructure question: TELUS' planned Canadian AI factory cluster, McKinsey's quantum commercialization view, and the UK adaptation report all treat national resilience as a matter of compute, energy, climate readiness, and sector-level capability.

Anchor Articles

01. Space Force names Sandhoo as head of new missile warning/tracking PAE

Why it mattersA concrete reorganization of space acquisition authority around missile warning and tracking.

ActionWatch whether the new PAE accelerates decisions across SDA Tracking Layer, Next-Gen OPIR, and MEO missile-tracking programs.

Breaking Defense reports that the Space Force has formally appointed Gurpartap "GP" Sandhoo to lead its new Missile Warning and Tracking Portfolio Acquisition Executive office while also making him permanent director of the Space Development Agency. The appointment took effect May 11 and gives one leader responsibility across a mission area that is becoming central to missile defence, hypersonic tracking, and space-based sensing.

The useful detail is the portfolio boundary. The new PAE covers the SDA Tracking Layer in low Earth orbit, Next Generation OPIR in geosynchronous and polar orbits, and the Resilient Missile Warning and Tracking medium Earth orbit program. Those are not interchangeable programs. They sit across different orbital regimes, acquisition cultures, vendors, and technical timelines, which makes the office a test of whether the Space Force can align authority with the actual mission architecture.

The article is also about accountability. Space acquisition has often been split between agencies, commands, and program offices whose incentives do not naturally line up. By double-hatting Sandhoo, the Space Force is signaling that missile warning and tracking is no longer a collection of satellite buys; it is an integrated portfolio that needs coordinated architecture, sequencing, and budget discipline.

The broader pattern is visible beyond space. Defence organizations are trying to move from platform modernization to kill-chain modernization. That requires portfolio owners who can see across sensors, data movement, orbital layers, acquisition schedules, and operational users. If the new office works, it becomes a model for how allied militaries handle cross-domain capability areas where the value comes from integration rather than from a single exquisite asset.

02. 'Collaborative autonomy' development not moving fast enough for SOCOM

Why it mattersSOCOM's acquisition official named the integration bottleneck behind autonomy adoption.

ActionTrack whether common autonomy interfaces, right-to-integrate efforts, and shared algorithms become procurement requirements.

DefenseScoop reports that David Breede, deputy director of acquisition for U.S. Special Operations Command, told a SOF Week audience that collaborative autonomy is moving too slowly. His concern was not simply that drones, uncrewed surface vessels, or automated targeting tools need better individual performance. It was that autonomous behaviors still have to be integrated platform by platform, domain by domain, in ways that slow adoption and make systems brittle.

Breede described the need for autonomous and semi-autonomous systems to share data, understand the environment together, and act on common information. He pointed to Ukraine's counter-drone network as a visible example of why integrated sensors, weapons, and communications matter. He also tied SOCOM's problem to the Army's Right to Integrate push, which is trying to break the long habit of expensive bespoke integration across old and new systems.

The constraint is architectural. Collaborative autonomy only becomes militarily useful when algorithms, mission behaviors, data, and communications can travel across platforms. If automated target recognition works on a small drone but cannot be reused by an unmanned surface vessel or shared with another sensor, the force is buying isolated autonomy rather than a combat system.

This article fits the day's larger infrastructure theme because it frames autonomy as an interoperability problem before it is a robotics problem. The next phase of defence demand may reward vendors who expose interfaces, separate autonomy from platform-specific stacks, and make algorithms portable across domains. The unresolved question is whether acquisition offices will enforce that shift early enough, or whether urgent fielding pressure will keep reproducing closed systems.

03. Special Forces joins Army's next-gen C2 prototype experiments

Why it mattersThe article shows SOF adapting to an Army data layer rather than building a separate modernization lane.

ActionWatch whether SOCOM adopts NGC2 application baselines or insists on separate special-operations variants.

Breaking Defense reports that 10th Special Forces Group has joined the Army's Next Generation Command and Control prototype experiments after seeing how the 4th Infantry Division was using the new architecture. Major Jaysin Williams, the group's SOF NGC2 integration director, described the work as forcing SOCOM to reconsider how special operations fits into a digital kill chain built for contested environments.

The reporting gives concrete details from the Ivy Sting and Ivy Mass exercises. 10th Group participated in several prototyping events and used Ivy Mass to test special reconnaissance, liaison with the Joint Air Ground Integration Cell, green radios, tactical radios, and position-location sharing with conventional forces. Williams also described an earlier demonstration in which data moved from a commercial sensor through staff sections to an effector in under two minutes.

The article changes the usual SOF modernization frame. Special operations forces often build or customize tools around their unique mission sets. Here, the emerging question is whether SOF should own a distinct data layer or pull the Army's NGC2 application baseline into SOCOM's information environment and use it differently. That is a practical integration problem with direct consequences for fratricide prevention, targeting, reconnaissance, and joint force handoff.

The broader defence signal is that command-and-control modernization is becoming a shared operating layer. The value sits in data flow, applications, human workload reduction, and force integration, not just radios or screens. If SOF can plug into a conventional C2 architecture without losing mission flexibility, allied militaries will have a stronger argument for shared digital baselines across forces that historically procured separately.

04. Anthropic acquires Stainless

Why it mattersThe deal turns SDK and MCP generation into strategic AI platform infrastructure.

ActionWatch how quickly rival AI platforms replace Stainless-generated developer tooling and whether MCP server generation becomes a controlled advantage.

Anthropic announced that it is acquiring Stainless, the developer-tools company that generates SDKs, CLIs, and MCP servers from API specifications. The company says Stainless has generated every official Anthropic SDK since the early Claude API days and is used by hundreds of companies to turn APIs into native-feeling developer interfaces across TypeScript, Python, Go, Java, and other languages.

The important detail is the way Anthropic frames the deal. Its announcement says agents are only as useful as the systems they can reach, and Stainless sits precisely at that connection layer. SDKs and MCP servers are not glamorous model capabilities, but they determine how reliably developers and agents can interact with external tools, data, and business systems.

This is a platform-control move. The frontier model market has been discussed mostly through model quality, context windows, pricing, and enterprise adoption. Stainless points to a different competition: who controls the plumbing that makes agents useful in production. Owning that layer can improve Anthropic's developer experience, but it can also remove or weaken a shared dependency that other AI and cloud companies had been using.

The acquisition also clarifies where agent ecosystems are heading. Tool connectivity, API ergonomics, generated SDKs, and standardized server interfaces are becoming part of the product moat. The next phase of model competition may be less about a standalone chatbot and more about which vendor can make the broadest set of enterprise systems safely reachable by agents.

05. KPMG integrates Claude across its core business and workforce of more than 276,000

Why it mattersA professional-services rollout shows enterprise AI moving into governed work surfaces and client delivery channels.

ActionTrack whether KPMG publishes measurable cycle-time, tax, legal, private-equity, or vulnerability-remediation outcomes from the alliance.

Anthropic announced a global alliance with KPMG that will give Claude access to more than 276,000 employees across 138 countries and territories. KPMG is embedding Claude into Digital Gateway, the software surface its people and clients use for core work, starting with new tools for tax and legal clients. Anthropic is also naming KPMG a preferred partner for private equity, with the two companies planning to build Claude-powered products for portfolio companies.

The useful detail is that this is not presented as another general-purpose seat rollout. The announcement places Claude inside KPMG's work platform and ties the alliance to tax, legal, private equity, vulnerability work, and KPMG's Trusted AI framework. That makes the deployment about operating controls, client workflows, governance, and distribution, not just individual productivity.

Professional-services firms are becoming one of the main paths by which frontier AI enters regulated enterprise functions. They already sit inside tax, audit, legal, finance, cyber, and deal processes where clients need domain judgment and assurance. If Claude is embedded into those delivery channels, Anthropic gets more than usage. It gets a route into workflows where buyers care about trust, documentation, liability, and repeatable service methods.

The strategic tension is whether these alliances produce durable workflow products or simply subsidize another wave of consulting-led AI transformation. The signal is strongest where KPMG can prove that Claude changes cycle times, risk review, tax/legal work quality, or private-equity operating support without weakening accountability. That is where enterprise AI will be judged: not by seats deployed, but by governed work getting done.

06. AntV npm packages compromised via hijacked maintainer account

Why it mattersA broad package compromise hit visualization libraries and exposed how build systems become credential-harvesting surfaces.

ActionMonitor registry countermeasures, maintainer identity controls, package-cooldown proposals, and enterprise build isolation practices.

Security researchers reported a coordinated malicious publish wave across the AntV npm ecosystem after a maintainer account was hijacked. The affected package set included AntV visualization libraries and related packages such as echarts-for-react, size-sensor, timeago.js, and other widely used utilities. Several reports put the campaign above 300 compromised packages and hundreds of malicious versions pushed in a short automated burst.

The technical mechanism matters because the target was the build environment. Reports describe malware designed to harvest SSH keys, cloud credentials, Kubernetes configs, GitHub and npm tokens, Vault tokens, and configuration files from developer machines and CI systems. In other words, the package install was not just an endpoint event; it was a route into the credentials that let attackers move through software delivery pipelines.

The affected ecosystem also matters. Data visualization libraries sit inside dashboards, analytics interfaces, internal tools, and React applications. A compromised charting dependency can reach places that do not look like security infrastructure at all. The attack therefore reinforces a pattern from recent registry incidents: trusted developer convenience packages can become high-leverage paths into enterprise operations.

The industry lesson is that package trust has to become operational trust. Pinning versions, isolating builds, rotating credentials after exposure, requiring stronger maintainer authentication, and monitoring package-publish anomalies are no longer specialist hygiene. They are part of business resilience because the software supply chain is now a direct control surface for cloud accounts, source repositories, and production systems.

07. SEC prepares innovation exemption for tokenized stocks

Why it mattersThe regulatory question shifts from whether tokenization is possible to which market protections travel onto new rails.

ActionWatch whether the final exemption distinguishes issuer-sponsored tokens, third-party tokens, shareholder rights, and DeFi venue responsibilities.

Crypto Valley Journal reports that the U.S. Securities and Exchange Commission is preparing an innovation exemption that could let platforms offer tokenized versions of publicly traded securities. The article says the exemption could arrive before the end of May and could allow crypto platforms such as Coinbase to offer tokenized U.S. equities without immediately becoming full broker-dealers.

The market-structure detail is important. The article places the exemption alongside Wall Street's own tokenization moves, including DTCC pilot transactions planned for July 2026 and a wider tokenized-securities platform launch planned for October. It also reports more than 50 participating institutions, including BlackRock, Goldman Sachs, J.P. Morgan, Circle, Ondo Finance, and Ripple Prime, while estimating the on-chain tokenized-stock market at roughly $1.4 billion after recent growth.

This is not only a crypto story. It is a test of whether public-equity exposure can be detached from the traditional stack of exchanges, broker-dealers, settlement infrastructure, issuer controls, and investor-protection rules. If third-party tokens can track public-company shares without issuer approval or full market plumbing, regulators will have to decide which rights, disclosures, liquidity protections, and surveillance requirements remain essential.

The direction is clear even if the final rule is not. Tokenization is moving from pilot language into competitive market design. The likely fight will not be over whether equities can exist on-chain. It will be over who gets to intermediate them, how settlement and ownership claims are represented, and whether faster market access fragments investor protection or forces the legacy system to modernize.

08. McKinsey Quantum Technology Monitor 2026: A commercial tipping point

Why it mattersQuantum is framed less as distant science and more as a near-term strategic capability-building problem.

ActionTrack which industries move from exploratory quantum pilots to domain-specific road maps tied to risk, talent, and early value capture.

McKinsey's 2026 Quantum Technology Monitor argues that quantum technologies are approaching a commercial tipping point. The report describes a market moving beyond bespoke pilots and research demonstrations toward clearer road maps, early use cases, and leadership decisions about where quantum could create value or risk exposure.

The analysis emphasizes that leaders should not treat quantum as a binary wait-for-Q-Day event. Near-term hybrid computing approaches can already let companies run parts of workflows on quantum systems while keeping the rest classical. McKinsey also points to use cases across financial services, molecules, materials, logistics, supply chains, and optimization, while cautioning that road maps need to be tied to real business domains rather than generalized technology enthusiasm.

The strategic issue is capability timing. Waiting until fault-tolerant systems are fully mature may leave companies without the talent, partnerships, data, risk planning, or intellectual property needed to exploit the technology. Moving too early without a focused use-case strategy can waste capital. The report sits between those extremes by treating quantum as an emerging operating option that requires disciplined experimentation.

The broader signal is that frontier infrastructure is diversifying. AI has dominated executive attention, but quantum, advanced compute, and domain-specific optimization are becoming part of the same strategic capacity conversation. The organizations that matter may not be the ones buying the most hardware today; they may be the ones learning where quantum advantage would actually alter decisions, costs, or competitive position.

09. TELUS and Government of Canada advance work to scale Canada's sovereign AI infrastructure

Why it mattersCanadian AI sovereignty is becoming a physical compute, power, cooling, and district-energy buildout.

ActionWatch project financing, grid approvals, customer demand, public-sector workloads, and whether Canadian startups can actually access the capacity.

TELUS announced that it is working with the Government of Canada on a proposed Sovereign AI Factory cluster in British Columbia under the federal Enabling Large-Scale Sovereign AI Data Centres initiative. The plan would expand TELUS' existing Kamloops data centre and add two Vancouver facilities, with the cluster scaling to more than 60,000 GPUs and more than 150 megawatts by 2032.

The release ties the project to Canadian data sovereignty, high-performance AI compute, and clean-energy infrastructure. TELUS says the facilities will use 98 percent renewable energy, liquid cooling, heat recovery, and district-energy integration, with waste heat intended to help heat the equivalent of 150,000 homes. The company also says the cluster could generate about $9 billion in economic value for British Columbia and create construction and skilled operations jobs.

The important shift is that sovereignty is no longer just a cloud procurement preference or data-residency clause. It is physical infrastructure: grid capacity, GPUs, urban sites, cooling loops, fibre, district energy, and domestic operating control. Canada cannot have meaningful AI independence if Canadian firms, researchers, public institutions, and sensitive sectors must send their workloads to foreign-owned or foreign-governed compute at scale.

The project also raises the hard questions that come with industrial policy. Demand, access, price, environmental tradeoffs, government support, and regional benefits all have to be tested against the scale of the promise. The signal is still strong because it gives Canadian AI strategy a concrete infrastructure shape: domestic compute capacity is becoming part of national economic policy.

10. AI features and your website

Why it mattersGoogle is trying to pull AI-search optimization back into ordinary search fundamentals while AI Mode changes user behavior.

ActionTrack whether publishers accept Google's guidance or keep building separate GEO/AEO practices around citation measurement and AI surfaces.

Google Search Central's guidance on AI features tells site owners that the best practices for SEO remain relevant for AI Overviews and AI Mode. The page says there are no additional technical requirements to appear in AI Overviews or AI Mode beyond being indexed and eligible to appear in Google Search with a snippet, while still emphasizing helpful, reliable, people-first content and technical search fundamentals.

The practical detail is Google's attempt to collapse a growing optimization category back into existing SEO. As newsletters and marketing blogs debate AEO, GEO, llms.txt files, special AI markup, and AI-specific content tactics, Google is saying that its generative features are rooted in core Search ranking and quality systems. That does not mean visibility is unchanged, but it does mean Google is resisting a separate rulebook for AI search.

The market implication is bigger than a checklist. AI Overviews and AI Mode change how users encounter publishers, compare sources, and decide whether to click. If content teams only follow the letter of Google's guidance, they may miss the new measurement problem: impressions, citations, zero-click behavior, brand mentions, and source selection inside generated responses are not the same as classic blue-link rankings.

The best reading is that fundamentals still matter but the distribution surface has changed. Publishers and businesses need crawlable, useful, distinctive pages, but they also need to understand how their expertise is cited, summarized, or bypassed by AI-mediated search. The next advantage will come from combining old SEO discipline with sharper evidence about where AI search is actually sending attention.

11. Canadian Cyber News Rewire - 16/05/26

Why it mattersThe roundup surfaces Canadian cyber as a linked sovereignty, infrastructure, university, AI, and CAF-capability story.

ActionUse the roundup as a Canadian watchlist: sovereign AI infrastructure, CAF cyber command analysis, university breach response, and AI/quantum commercialization.

Canadian Cyber in Context's weekly rewire surveys Canadian cyber and adjacent stories for the week ending May 16. The roundup includes TELUS and Government of Canada work on sovereign AI infrastructure, TELUS data centre expansion in British Columbia, a reported security breach affecting Canadian universities, federal support for AI and quantum commercialization in British Columbia, and Global Affairs Canada's transformation implementation plan.

The editor also points to two new Canadian Global Affairs Institute papers on Canadian Armed Forces cyber operations and CAF Cyber Command. That matters because the Canadian cyber discussion often splits into separate lanes: public-sector modernization, defence cyber, private infrastructure, breach response, AI policy, and digital sovereignty. The roundup puts those lanes into one reading surface.

The Canadian signal is that cyber capacity is no longer just incident response. It touches compute sovereignty, university resilience, public-sector transformation, military organization, AI and quantum industrial policy, and telecom infrastructure. Those are different communities, but the underlying question is similar: what critical digital capability does Canada need to own, govern, or credibly influence?

The rewire is not a single investigative article, but it is valuable as a source map. It shows where Canadian cyber-relevant stories are clustering and which topics deserve follow-through from primary sources. For a Canada-aware morning brief, this kind of curated local source is important because many nationally relevant signals never become global technology headlines.

12. A Well-Adapted UK

Why it mattersThe wildcard scan found adaptation framed as a systems-governance and infrastructure-readiness problem.

ActionWatch how adaptation metrics evolve for infrastructure, health, food, water, housing, and finance rather than treating climate resilience as a single policy lane.

The UK Climate Change Committee published A Well-Adapted UK on May 20, setting out how the country should think about climate adaptation across connected systems. The report is built around existing targets and indicators for 14 systems and follows earlier advice on what a well-adapted UK should look like today and in the future.

The accompanying release says the British way of life is under threat from heat, flooding, and drought, and estimates that without adaptation the cost of climate change to public welfare could rise to between 1 and 5 percent of UK GDP by 2050 under a 2 degree Celsius warming level. That range is large, but the point is clear: adaptation is now being framed as an economic and public-welfare exposure rather than a distant environmental sidebar.

The report fits the day's infrastructure theme because adaptation depends on cross-sector operating capacity. Housing, transport, food systems, health, water, energy, insurance, local government, and land use cannot be made resilient through isolated policy targets. The work is coordination-heavy, data-heavy, and investment-heavy, with many benefits showing up as avoided losses rather than visible new products.

The broader lesson travels beyond the UK. Climate adaptation is becoming a governance problem for advanced economies: leaders need indicators that show whether resilience is improving, not only emissions metrics that show whether decarbonization is progressing. The countries and cities that build adaptation into ordinary infrastructure planning will likely have an advantage as extreme weather stops looking exceptional.

Related Links

Sources and references

Cited sources

  1. S01SourceBreaking Defense Daily / Breaking DefenseIndustrySpace Force names Sandhoo as head of new missile warning/tracking PAEhttps://breakingdefense.com/2026/05/space-force-names-sandhoo-as-head-of-new-missile-warning-tracking-pae/
  2. S02SourceDefenseScoopIndustry'Collaborative autonomy' development not moving fast enough for SOCOMhttps://defensescoop.com/2026/05/18/collaborative-autonomy-development-socom-acquisition/
  3. S03SourceBreaking Defense Daily / Breaking DefenseIndustrySpecial Forces joins Army's next-gen C2 prototype experimentshttps://breakingdefense.com/2026/05/going-to-change-everything-special-forces-joins-armys-next-gen-c2-prototype-experiments/
  4. S04SourceTLDR AI / AnthropicStrategyAnthropic acquires Stainlesshttps://www.anthropic.com/news/anthropic-acquires-stainless?pubDate=20250818
  5. S05SourceAnthropicStrategyKPMG integrates Claude across its core business and workforce of more than 276,000https://www.anthropic.com/news/anthropic-kpmg?939688b5_page=1
  6. S06SourceThe Hacker News / Socket and security-source expansionRiskAntV npm packages compromised via hijacked maintainer accounthttps://prismor.dev/blog/antv-npm-packages-compromised-supply-chain
  7. S07SourceTLDR Crypto / Crypto Valley JournalStrategySEC prepares innovation exemption for tokenized stockshttps://cryptovalleyjournal.com/focus/legal-and-compliance/sec-prepares-innovation-exemption-for-tokenized-stocks/
  8. S08SourceOnly McKinsey Perspectives / McKinseyChangeMcKinsey Quantum Technology Monitor 2026: A commercial tipping pointhttps://www.mckinsey.com/capabilities/mckinsey-technology/our-insights/mckinsey-quantum-technology-monitor-2026-a-commercial-tipping-point
  9. S09SourceCanadian Cyber in Context / TELUSIndustryTELUS and Government of Canada advance work to scale Canada's sovereign AI infrastructurehttps://www.telus.com/about/news-and-events/media-releases/TELUS-and-Government-of-Canada-advance-work-to-scale-Canadas-sovereign-AI-infrastructure
  10. S10SourceTLDR Marketing / Google Search CentralOpportunityAI features and your websitehttps://developers.google.com/search/docs/appearance/ai-features
  11. S11SourceCanadian Cyber in ContextRiskCanadian Cyber News Rewire - 16/05/26https://www.cyberincontext.ca/p/canadian-cyber-news-rewire-160526
  12. S12SourceClimate Change CommitteeRiskA Well-Adapted UKhttps://www.theccc.org.uk/publication/a-well-adapted-uk/
  13. S13SourceUseful secondary analysis on the developer-experience and enterprise-tooling implications.InfoWorld: Anthropic acquires Stainless to strengthen Claude's developer toolinghttps://www.infoworld.com/article/4172947/anthropic-acquires-stainless-to-strengthen-claudes-developer-tooling.html
  14. S14SourceOriginal reporting with download-scale context and the GitHub warning-closure detail.The Register: Shai-Hulud keeps burrowinghttps://www.theregister.com/cyber-crime/2026/05/19/shai-hulud-keeps-burrowing-314-npm-packages-infected-after-another-account-compromise/5242601
  15. S15SourceExplains the 28-page OT zero-trust guidance and its critical-infrastructure posture.AFCEA: CISA and Federal Partners Release Zero-Trust Guidance for Operational Technologyhttps://www.afcea.org/signal-media/cyber-edge/cisa-and-federal-partners-release-zero-trust-guidance-operational
  16. S16SourcePrimary guidance document from the Zero Trust Operational Technologies Security Working Group.IC3 PDF: Adapting Zero Trust Principles to Operational Technologyhttps://www.ic3.gov/CSA/2026/260429.pdf
  17. S17SourceUseful source-page context for how conditional exemptions and tokenized securities are being argued.SEC submission: Automated Market Makers, Tokenized Securities, and Technology Neutralityhttps://www.sec.gov/about/crypto-task-force/written-submission/ctf-written-input-galaxy-digital-041426

Related wiki pages

Continue the trail

Related posts

More from the blog

Infrastructure Becomes the Control Surface: Morning Brief, May 20, 2026 | Crashboard