US Restricts Anthropic's Advanced AI Models Amid Dual-Use Cybersecurity Concerns

Anthropic took its Claude Fable 5 and Mythos 5 AI models offline late last week following a US government export-control directive that bars foreign nationals from accessing the services. The Trump administration imposed the restriction over concerns that Fable 5's safety guardrails could be circumvented to unlock the full capabilities of Mythos 5, which the government views as a national security risk. Anthropic has been negotiating with the White House since Friday to reach an agreement that would allow the company to restore access to these offerings.

Since Mythos debuted in April, Anthropic has been transparent about the model's dual-use nature. The system possesses advanced capabilities for identifying software vulnerabilities—useful for cybersecurity professionals and defensive purposes—but can also generate methods to exploit those same vulnerabilities, potentially enabling malicious actors. Recognizing this tension, Anthropic initially released Mythos Preview to a select consortium through Project Glasswing, a working group focused on responsible AI deployment. Mythos 5 followed with a similar limited release, while Claude Fable 5 was made available to the general public with built-in restrictions on responses related to biology and cybersecurity.

Despite the government action, experts and security researchers argue that restricting Anthropic's models addresses only a symptom of a broader technological trend. Tarah Wheeler, chief security officer at cybersecurity firm TPO Group, noted that competitors likely already possess or are developing comparable capabilities while observing how regulators treat Anthropic. OpenAI, for instance, conducted a private release of its own cybersecurity-focused model in mid-April. Security researcher Bruce Schneier emphasized that smaller, cheaper, and open-source models—through refined prompting or combination—can match Mythos and Fable's performance within months.

Anthropric's own leaders have underscored this reality. Logan Graham, the company's frontier red team lead, stated in April that the focus should be on preparing for a world where these capabilities become broadly available within 6 to 24 months. A coalition of cybersecurity leaders signed an open letter to the administration on Sunday arguing that the export-control directive misses the point, as existing AI models can already be used for advanced vulnerability research with proper techniques.

Experts contend that the government's approach is myopic and that policymakers must shift focus from restricting individual models to developing comprehensive, transparent, and democratic strategies for managing AI advancement. The current regulatory clash between the Trump administration and Anthropic masks an uncomfortable truth: advanced AI capabilities with dual-use potential will proliferate across the industry regardless of restrictions on any single company or model.