Cybersecurity vets are protesting the US government’s “dangerous” ban on the most powerful anthropic models

A group of dozens of cybersecurity experts, including many well-known industry veterans, Published an open letter To the United States Government requesting that it lift the export control order on Anthropic’s Fable and Mythos models.

According to the open letter, “this action has taken the best models away from (cybersecurity) defenders” who now cannot use the models to find vulnerabilities and make their software and products more secure.

“Taking the best capabilities away from defenders without good reason when our opponents are advancing rapidly is dangerous,” the letter read.

Friday, The US government ordered Anthropic to limit the export of Fable and Mythos Citing national security concerns, without explaining the specific reasons behind the order, According to Anthropic. In response the company Pending access To models for all users around the world.

As of this writing, the letter has been signed by 76 cybersecurity experts, including: former Facebook security chief Alex Stamos; Casey Ellis, founder of bug bounty platform Bugcrowd; Renowned crypto designer and former Apple design and architecture director, John Callas; computer scientist Paul Fixie; Dino Dei Zoffi, former Head of Applied Security Engineering at Block; Katie Moussouris, founder of Luta Security; and Rachel Toback, CEO of security awareness training company SocialProof Security.

When Mythos Fired As a preview in April, Anthropy He claimed It was so strong at finding vulnerabilities that the company needed to severely restrict access to prevent malicious hackers or foreign adversaries from using it to wreak havoc online. In practice, this meant that Anthropic gave about 50 companies initial access to Mythos, This group has recently expanded To include about 150 organizations in 15 countries.

last week, Anthropy released a mytha generic version of Mythos that the company said contains strict guardrails to prevent its use in the fields of biology, chemistry and cybersecurity, as well as to prevent others from Distillation model In order to recreate it. Fable’s guardrails were so stringent that many cybersecurity experts I found that it essentially stopped any cybersecurity claims.

Anthropic said the White House’s export control order may have been based on a report that there was a way to bypass — or so-called jailbreak — Fable to unlock its powerful Mythos-level capabilities.

According to Katie Moussouris, one of the signatories of the open letter, the method was demonstrated by Amazon researchers in a non-public paper, but she has reviewed it.

Moussouris goal he said in a blog post That paper didn’t actually prove a real jailbreak. Instead, she wrote, the researchers simply asked Fable to fix open source code with public and known vulnerabilities along with “intentionally planted vulnerabilities,” after the model initially refused to “review the code for security issues.”

“The behavior described in the paper cannot be meaningfully reformed, and any attempt would only weaken the defense model,” Moussouris wrote. “Defenders should be able to ask the AI ​​to fix errors in a file, explain why the fix is ​​important, and write tests that confirm the patch worked. This isn’t guardrail crossing. It’s the most valuable thing an AI model can do for defensive security: perform search and fix operations and test for defenders running the loop every day.”

Moussouris’ criticisms were echoed in the open letter, which also said the expert group believes the method in the Amazon paper “can be replicated” on OpenAI’s GPT-5.5, on Anthropic’s publicly available Claude Opus 4.8 and Sonnet, “and even Chinese models like Kimi 2.7.”

The letter also called for regulations that are applied transparently and fairly through a “democratic rule-making process” that is based on scientific research conducted by industry and academic experts, and “used only to the minimum extent necessary to ensure the safety of the American public.”