Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models
A group made up of dozens of cybersecurity experts urged the White House to remove export control restrictions on Anthropic’s models Fable and Mythos, arguing that the order is going to limit the ability of cybersecurity defenders to secure their software and products.
A group made up of dozens of cybersecurity experts, including several well-known veterans of the industry, published an open letter to the U.S. government asking it to lift the export control order on Anthropic’s Fable and Mythos models.
According to the open letter, “this action has taken the best models away from [cybersecurity] defenders” who now can’t use the models to find vulnerabilities and make their software and products more secure.
“To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous,” read the letter.
On Friday, the U.S. government ordered Anthropic to limit the export of Fable and Mythos citing national security concerns, without explaining the specific reasons behind the order, according to Anthropic . In response, the company suspended access to the models to all users worldwide.
As of this writing, the letter is signed by 76 cybersecurity experts, including: former Facebook chief of security Alex Stamos; Casey Ellis, the founder bug bounty platform Bugcrowd; famed cryptographer and former Apple security design and architecture manager Jon Callas; computer scientist Paul Vixie; Dino Dai Zovi, the former head of applied security engineering at Block; Katie Mossouris, the founder of Luta Security; and Rachel Tobac, the CEO of the security awareness training firm SocialProof Security.
When Mythos launched as a preview in April, Anthropic claimed it was so powerful at finding security vulnerabilities that the company needed to tightly restrict access to prevent malicious hackers or foreign adversaries from using it to cause havoc on the internet. In practice, that meant Anthropic gave around 50 companies initial access to Mythos, recently expanding that group to include around 150 organizations in 15 countries.
Last week, Anthropic released Fable , a public version of Mythos that the company said had strict guardrails to block its use in the fields of biology, chemistry, and cybersecurity, as well as to stop others from distilling the model in order to recreate it. The guardrails on Fable were so strict that many cybersecurity experts found that it stopped essentially any prompts related to cybersecurity .
Anthropic said that the White House export control order may have been based on a report that there was a method to bypass — or so-called jailbreaking — Fable to unlock its powerful Mythos-level capabilities.
Contact Us Do you have more information about the Amazon paper that prompted the ban? We’d love to hear from you. From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email .
According to Katie Moussouris, one of the signatories of the open letter, the method was demonstrated by Amazon researchers in a paper that is not public, but that she has reviewed.
But Moussouris said in a blog post that the paper did not actually demonstrate a real jailbreak. Instead, she wrote, the researchers simply asked Fable to fix open source code with public and known vulnerabilities along with “deliberately planted vulnerabilities,” after the model initially refused to “review the code for security issues.”
“The behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense,” Moussouris wrote. “Defenders need to be able to ask AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works. That is not a guardrail bypass. It is the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day.”
Moussouris’ critique was echoed in the open letter, which also said that the group of experts believe the method in the Amazon paper “can be replicated” on OpenAI’s GPT-5.5, on Anthropic’s own publicly-available Claude Opus 4.8 and Sonnet, “and even Chinese models like Kimi 2.7.”
The letter also asked for transparently and fairly enforced regulations created by “a democratic rule-making process” that are based on scientific research done by industry and academic experts, and “used only to the minimal extent necessary to ensure the safety of the American public.”
When you purchase through links in our articles, we may earn a small commission . This doesn’t affect our editorial independence.
Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.
You can contact or verify outreach from Lorenzo by emailing lorenzo@techcrunch.com , via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.
Get an inside look at what it takes to scale and succeed from leaders at Mach Industries, Founders Fund, and Shinkei Systems. Through candid fireside chats and high-impact networking, you’ll walk away with valuable insights and new connections.
The FBI built its own replica small town to simulate real-world cyberattacks Zack Whittaker
The FBI built its own replica small town to simulate real-world cyberattacks
The FBI built its own replica small town to simulate real-world cyberattacks
Meta’s months-old AI unit is a soul-crushing gulag, say the engineers stuck inside it Connie Loizos
Meta’s months-old AI unit is a soul-crushing gulag, say the engineers stuck inside it
Meta’s months-old AI unit is a soul-crushing gulag, say the engineers stuck inside it
Jeff Bezos’s Prometheus raises $12B to build an ‘artificial general engineer’ for the physical world Marina Temkin
Jeff Bezos’s Prometheus raises $12B to build an ‘artificial general engineer’ for the physical world
Jeff Bezos’s Prometheus raises $12B to build an ‘artificial general engineer’ for the physical world
Cybersecurity researchers aren’t happy about the guardrails on Anthropic’s Fable Lorenzo Franceschi-Bicchierai
Cybersecurity researchers aren’t happy about the guardrails on Anthropic’s Fable
Cybersecurity researchers aren’t happy about the guardrails on Anthropic’s Fable
Google just fired a warning shot in the AI subscription price wars Lucas Ropek Connie Loizos
Google just fired a warning shot in the AI subscription price wars
Google just fired a warning shot in the AI subscription price wars
Anthropic’s Claude Fable 5 is a version of Mythos the public can access today Rebecca Bellan
Anthropic’s Claude Fable 5 is a version of Mythos the public can access today
Anthropic’s Claude Fable 5 is a version of Mythos the public can access today
It’s not FAANG anymore. It’s MANGOS. Julie Bort
Key takeaways
- The U.S. ban may limit cybersecurity defense capabilities, directly impacting software security in Brazil.
- The lack of transparency in export decisions can create uncertainties in the global tech ecosystem, including Brazil.
- Pressure from security experts may lead to a reassessment of access policies for AI technologies.
Editorial analysis
The recent controversy surrounding the U.S. government's ban on Anthropic's Fable and Mythos models raises significant questions for the tech sector in Brazil and globally. The restriction on access to these advanced AI tools, which are crucial for detecting vulnerabilities in software, could directly impact the ability of cybersecurity companies to protect their products. In Brazil, where digitalization is rapidly advancing, the reliance on robust security technologies is even more critical, especially as the country faces an increase in cyber threats.
Moreover, the situation highlights a larger dilemma regarding AI regulation and national security. While protecting against the malicious use of advanced technologies is valid, limiting access for defenders can create an imbalance in the digital battleground. The lack of transparency in the U.S. government's decisions also generates uncertainties, not only for American companies but for the global tech ecosystem, including startups and established firms in Brazil seeking innovation in cybersecurity.
Looking ahead, it will be crucial to monitor how Anthropic and other AI companies respond to these restrictions and whether there will be a reassessment of export policies that might allow for more balanced access. The pressure from cybersecurity experts may influence changes in regulatory approaches, especially if there is a growing recognition that collaboration and technology sharing are essential to address evolving cyber threats. Brazil, with its growing tech community, could benefit by positioning itself as a champion of responsible innovation, seeking partnerships that promote security without compromising technological advancement.
Ultimately, the situation underscores the importance of ongoing dialogue between regulators, technology developers, and security experts. Building an ecosystem that fosters innovation while protecting against abuses will be key to ensuring that Brazil and other countries can compete in an increasingly complex and challenging global landscape.
What this coverage includes
- Clear source attribution and link to the original publication.
- Editorial framing about relevance, impact, and likely next developments.
- Review for readability, context, and duplication before publication.
Original source:
TechCrunch AIAbout this article
This article was curated and published by AIDaily as part of our editorial coverage of artificial intelligence developments. The content is based on the original source cited below, enriched with editorial context and analysis. Automated tools may assist with translation and initial structuring, but publication decisions, factual review, and contextual framing remain editorial responsibilities.
Learn more about our editorial process