Anthropic, the AI lab behind the Fable and Mythos models, suspended them worldwide after a US export control order; the signers, who use them to find software vulnerabilities, say the policy strips defenders of tools at a moment when adversaries are rapidly advancing.
When the U.S. government ordered Anthropic to restrict exports of its most powerful models last week, the company did something broader. It suspended access to those models for every user, everywhere. The decision left a named group of cybersecurity practitioners who had been running those models against software to find vulnerabilities suddenly without the tools they had come to rely on.
On Monday, 76 of them went public with an open letter asking Washington to reverse the order. The signatories include former Facebook chief security officer Alex Stamos, cryptographer Jon Callas, Luta Security founder Katie Mossouris, social-engineering specialist Rachel Tobac, DNS pioneer Paul Vixie, security researcher Dino Dai Zovi, and bug-bounty platform founder Casey Ellis, a cross-section of the people whose actual job is to find and fix the bugs that adversaries exploit.
"The United States government has, through an export control order, taken the best models away from those of us who use them to find vulnerabilities in software and improve the security of products," the letter says, according to TechCrunch's reporting on the campaign. "To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous."
The export order, dated Friday June 12, covers Anthropic's Fable and Mythos models, the company's frontier systems, which outside researchers had been using alongside Anthropic's own teams to find software flaws and improve product security. Anthropic, in a statement reported by TechCrunch, said the U.S. government cited "national security concerns" as the basis for the order but did not publicly specify what those concerns were. The government has not, as of Monday, put a public explanation on the record, according to the same TechCrunch report.
Anthropic's response was to pull the models from everyone, not just non-U.S. users. In a statement reported by TechCrunch, the company said it was suspending access to Fable and Mythos worldwide while it evaluated the order's scope. That choice turned a measure aimed at adversaries, on the government's stated reasoning, into a cut in the offensive-defensive balance the letter's signers say they were already losing.
The defenders' argument, in their own words, is that frontier AI capabilities have become a working tool for legitimate security work. The signatories, the letter says, use Fable and Mythos to find vulnerabilities in software and improve the security of the products they defend. The order, the letter argues, takes those capabilities away at a moment when "our adversaries are rapidly advancing."
The government's stated rationale remains the unspecific phrase "national security concerns." That phrase can mean many things in the AI export-control context: a fear that adversaries will use the models to design cyberattacks, a concern that the models themselves reveal training data or methods that should not leave the country, or a calculation about the geopolitical signal of letting a U.S. lab's frontier systems run on servers abroad. None of those explanations have been put on the record. The defenders' argument is that, whatever the reason, the right shape of the order is one that distinguishes between foreign adversaries and the U.S.-based researchers, vendors, and incident responders who are trying to stop them.
What that distinction would look like in practice is the unresolved piece of the story. Export-control orders can, in other contexts, be written to exempt specific classes of users, to allow case-by-case licensing, or to apply only above a capability threshold. The letter does not propose a specific mechanism; it asks for the order to be lifted and for the government to consult defenders before any replacement is drafted.
The next tell will be whether the order is published, narrowed, or quietly allowed to lapse, and whether defenders get a seat at the table before the next one is drafted.