Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models


A group made up of dozens of cybersecurity experts, including several well-known veterans of the industry, published an open letter to the U.S. government asking it to lift the export control order on Anthropic’s Fable and Mythos models.

According to the open letter, “this action has taken the best models away from [cybersecurity] defenders” who now can’t use the models to find vulnerabilities and make their software and products more secure. 

“To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous,” read the letter.

On Friday, the U.S. government ordered Anthropic to limit the export of Fable and Mythos, citing national security concerns, without explaining the specific reasons behind the order, according to Anthropic. In response, the company suspended access to the models for all users worldwide.

As of this writing, the letter is signed by 76 cybersecurity experts, including: former Facebook chief of security Alex Stamos; Casey Ellis, the founder of bug bounty platform Bugcrowd; famed cryptographer and former Apple security design and architecture manager Jon Callas; computer scientist Paul Vixie; Dino Dai Zovi, the former head of applied security engineering at Block; Katie Moussouris, the founder of Luta Security; and Rachel Tobac, the CEO of the security awareness training firm SocialProof Security.

When Mythos launched as a preview in April, Anthropic claimed it was so powerful at finding security vulnerabilities that the company needed to tightly restrict access to prevent malicious hackers or foreign adversaries from using it to cause havoc on the internet. In practice, that meant Anthropic gave around 50 companies initial access to Mythos, recently expanding that group to include around 150 organizations in 15 countries.

Last week, Anthropic released Fable, a public version of Mythos that the company said had strict guardrails to block its use in the fields of biology, chemistry, and cybersecurity, as well as to stop others from distilling the model in order to recreate it. The guardrails on Fable were so strict that many cybersecurity experts found that it stopped essentially any prompts related to cybersecurity.

Anthropic said that the White House export control order may have been based on a report that there was a method to bypass Fable's guardrails, so-called jailbreaking, to unlock its powerful Mythos-level capabilities.

According to Katie Moussouris, one of the signatories of the open letter, the method was demonstrated by Amazon researchers in a paper that is not public, but that she has reviewed. 

But Moussouris said in a blog post that the paper did not actually demonstrate a real jailbreak. Instead, she wrote, the researchers simply asked Fable to fix open source code with public and known vulnerabilities along with “deliberately planted vulnerabilities,” after the model initially refused to “review the code for security issues.”

“The behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense,” Moussouris wrote. “Defenders need to be able to ask AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works. That is not a guardrail bypass. It is the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day.”

Moussouris’ critique was echoed in the open letter, which also said that the group of experts believe the method in the Amazon paper “can be replicated” on OpenAI’s GPT-5.5, on Anthropic’s own publicly-available Claude Opus 4.8 and Sonnet, “and even Chinese models like Kimi 2.7.”

The letter also asked for transparently and fairly enforced regulations created by “a democratic rule-making process” that are based on scientific research done by industry and academic experts, and “used only to the minimal extent necessary to ensure the safety of the American public.”
