[...]and not the much saver SHA3 which was not designed by the NSA?
Check the wiki page:
https://en.wikipedia.org/wiki/SHA-3It hasn't been standardized yet, and it wasn't created to improve upon SHA-2.
Also, what makes you think the NSA is more likely to hide a malicious and clever backdoor in the algorithm than any other group or organization? More importantly: I can understand the importance of decrypting communications, but what advantage could a group like the NSA gain from creating hash functions vulnerable to collision?