For artists and makers relying on generative tools, the recent shutdown of Anthropic‘s most powerful models signals a brutal reality: regulatory overreach is already stifling the very capabilities we need to secure our work. The company pulled its new Claude Fable 5 and Mythos 5 systems offline after a US government directive barred any foreign national from accessing the services. Despite ongoing talks with the White House since Friday, no agreement has been reached to restore access.
The dual-use dilemma
Since Mythos debuted in April, Anthropic has warned that these systems possess advanced abilities to identify software vulnerabilities for defenders while simultaneously offering pathways for exploitation by malicious actors. The company highlighted this inherent conflict in its launch announcement. “A great deal of advanced usage of AI models is dual use: the same queries that are beneficial in the hands of cybersecurity professionals and biology researchers could be dangerous if available to malicious actors,” the firm stated in a blog post last week.
To manage this risk, Anthropic initially rolled out a limited version called Mythos Preview to a select consortium via Project Glasswing. Mythos 5 was also privately shared with this group last week. Meanwhile, Claude Fable 5, which matches Mythos-grade performance, was released to the public but included specific blocks preventing responses on biology and cybersecurity topics.
Regulatory friction and security gaps
At the end of last week, the Trump administration moved to restrict both models, arguing that Fable 5’s safety guardrails could be disabled to unlock full Mythos 5 capabilities, posing a national security threat. However, experts argue this institutional clash merely delays an inevitable truth: Anthropic is just the vanguard. Capabilities similar to Mythos 5 from multiple companies and open-weight developers will almost certainly emerge in the near future—if they have not already.
“It’s myopic in the extreme to think that no other competitors to Anthropic will develop similar capabilities to Mythos or even that they have not already done so,” says Tarah Wheeler, chief security officer of TPO Group. “There are other companies hot on Anthropic’s heels who probably have the capabilities, too, and are holding them in reserve as they see how Anthropic is being treated in the current regulatory environment.”
Anthropic has consistently emphasised this broader context. “The real message is that this is not about the model or Anthropic,” Logan Graham, the company’s frontier red team lead, told WIRED when Mythos Preview launched in April. “We need to prepare now for a world where these capabilities are broadly available in 6, 12, 24 months.”
This isn’t isolated to one firm. OpenAI, for instance, released a cybersecurity-focused model privately in mid-April and announced an expanded security strategy. Researchers note that even before this next generation, existing AI offerings could be leveraged for advanced vulnerability hunting and exploit development with a refined approach. A large group of cybersecurity leaders emphasised this point in an open letter to the administration on Sunday, arguing the export-control directive was misguided.
Looking beyond single models
“It’s not one model; it’s the general trend of technology,” says Bruce Schneier, a researcher at Harvard University and the University of Toronto. “Smaller, cheaper, open-source models, sometimes by themselves and sometimes in concert with each other, can match Mythos/Fable’s performance with more sophisticated prompting. And we should expect other models to match Mythos/Fable’s creativity and tenaciousness within months—slightly longer for open-source models.”
What governments need to focus on is democratically developing broader, more transparent plans to contend with inevitable advances in AI capabilities across cybersecurity and other sensitive areas. “The policy question is not whether a technology has risk,” says Chris Wysopal, cofounder of Veracode. “The question is whether a specific restriction meaningfully reduces that risk or whether it mainly slows down the people trying to make systems safer.”
Key takeaways
- Regulatory restrictions on specific models like Mythos 5 are failing to stop the underlying trend of advanced AI capabilities emerging elsewhere.
- Competitors and open-source developers are likely already holding back similar capabilities, waiting to see how regulators react to the current landscape.
- Policymakers must shift focus from blocking individual tools to creating transparent frameworks that do not inadvertently slow down security improvements.
Stay ahead of AI. Get the most important stories delivered to your inbox — no spam, no noise.
