In short
The Trump administration has restored limited access to Anthropic’s Mythos 5 for more than 100 U.S. agencies and companies after a brief ban over cybersecurity concerns. The move allows non-U.S. employees at approved organizations to use the model, while Fable 5 remains unresolved.
- Mythos 5 can now be used by more than 100 approved U.S. agencies and companies.
- Non-U.S. employees at those organizations are also allowed access again.
- The government has not yet cleared Anthropic’s related model, Fable 5.
- The decision reflects a more targeted U.S. approach to AI cybersecurity risk.
- Anthropic says it is still working to expand access further.
The Trump administration has reversed course on a sweeping restriction that forced Anthropic to remove its most advanced cybersecurity-focused model from the market just two weeks ago. Under a new federal directive, Anthropic’s Mythos 5 can once again be used by more than 100 named U.S. government agencies and companies, including by non-U.S. employees at those organizations.
The move marks a sharp softening in Washington’s stance after the original order had effectively locked out foreign nationals at approved institutions — a category that also included Anthropic employees who are not American citizens. While the government’s latest decision opens the door back up for Mythos 5, it does not yet resolve the status of Fable 5, a related model that Anthropic had briefly pushed more broadly before both systems were pulled from circulation.
The decision underscores how quickly the U.S. government is evolving its approach to frontier AI models that can be used for both defense and offense in cybersecurity. It also highlights the tension between safety controls, economic access, and the practical needs of large organizations that rely on multinational teams.
What changed in the government’s position
According to reporting from Semafor and Reuters, Commerce Secretary Howard Lutnick informed Anthropic chief compute officer Tom Brown in a Friday letter that the administration had found “appropriate safeguards” to allow certain trusted partners to access Mythos 5. That language is notable because it suggests the government is no longer treating access as a blanket national-security risk, but rather as a question of risk management, vetting, and controlled deployment.
In practical terms, the policy shift means Mythos 5 can be redeployed to a specific set of U.S. organizations that are considered important enough to merit continued access. Those organizations include entities involved in critical infrastructure, along with other agencies and companies that were named in the original approval list.
Anthropic publicly confirmed the development on Friday, saying it had been working with the federal government since June 12 to restore access to Mythos 5 and Fable 5. The company said the latest notification allows Mythos 5 — which it describes as its strongest cybersecurity model — to return to use by a group of U.S. organizations that operate and protect critical infrastructure. Anthropic also said it is continuing discussions aimed at broadening access further and eventually making Fable 5 available again for general use.
Anthropic said the government had informed it that Mythos 5 could be redeployed to selected U.S. organizations responsible for defending critical infrastructure, and that work was continuing to expand access and restore Fable 5.
Why Mythos 5 was pulled in the first place
The reversal comes after a fast-moving and unusual episode in the AI sector. Anthropic had originally withdrawn Mythos 5 and Fable 5 following a ban that the company said made it impossible to keep the models in circulation under the new rules. The original order was prompted by cybersecurity concerns tied to who could access the models, and it went beyond the usual debates about model safeguards by specifically restricting non-Americans from using them.
That restriction was especially consequential because many major U.S. technology companies, defense contractors, and government-adjacent organizations rely on workforces that include non-U.S. citizens. Anthropic itself was affected, since its own non-American staff were initially barred from using the systems.
Mythos 5 was singled out because it is designed for advanced cybersecurity work, the sort of use case where AI can help defenders write code, detect vulnerabilities, and analyze threats — but where the same capability can also be misused to assist attackers. The concern around dual use is what made the policy dispute so consequential.
Fable 5, meanwhile, was released widely for a short period before the ban because it was said to include more protections. But those protections appear not to have held up to scrutiny. Security researchers reportedly found that the guardrails could be bypassed relatively easily, which led to both models being withdrawn.
The broader stakes: AI models as national security tools
This episode is about more than one company’s product rollout. It is part of a much larger debate over whether cutting-edge AI systems should be regulated like sensitive software, controlled like export-restricted technology, or treated more like general-purpose cloud services.
Cybersecurity is one of the clearest examples of why frontier models are so hard to govern. The same system that can help a federal agency detect malicious code could also be used to generate phishing campaigns, map attack surfaces, or accelerate exploit development. As models become more powerful, policymakers are being forced to decide how much access is too much access — and who gets to make that call.
The Trump administration’s new position suggests a more selective approach. Rather than imposing a broad prohibition, the government appears to be carving out access for organizations it views as trustworthy and operationally important. That could reflect a growing recognition that blanket restrictions may be too blunt for a technology stack now used across defense, infrastructure, and enterprise security.
Trusted partners and controlled access
The wording of Lutnick’s letter — particularly the phrase “appropriate safeguards” — points to a model in which access is governed through trust relationships rather than one-size-fits-all rules. That approach has advantages:
- It preserves access for organizations with legitimate cybersecurity needs.
- It gives federal authorities a way to narrow distribution without fully shutting down deployment.
- It may reduce friction for multinational teams working on security operations.
But the approach also raises familiar questions. Who qualifies as a trusted partner? What counts as enough protection? And how will the government monitor whether access remains limited to the intended users?
Those questions matter because AI security tools can spread quickly once they are embedded into workflows. Even if access is limited on paper, the operational reality of large organizations can make enforcement difficult.
What the policy means for Anthropic
For Anthropic, the decision is an important partial victory. The company had positioned Mythos 5 as its strongest cybersecurity model, and the inability to distribute it broadly threatened to undercut both its product strategy and its credibility in one of the most commercially promising segments of the AI market.
Anthropic has been trying to distinguish itself from rivals by emphasizing safety, alignment, and enterprise readiness. That message is harder to sustain when a flagship model is suddenly removed over access and guardrail concerns. Restoring Mythos 5 to approved users gives the company a path back into the market, even if only for a restricted set of customers at first.
At the same time, the episode shows the downside of building products that sit close to the boundary between helpful automation and offensive capability. Security-oriented AI may be valuable, but it also invites heightened scrutiny from regulators who are increasingly wary of misuse.
Fable 5 still sits in limbo
One unresolved issue is the future of Fable 5. The government’s latest directive, at least based on the reports cited, does not mention it. Anthropic had said it was working to restore both models, but only Mythos 5 appears to have received clearance so far.
That creates an uneven outcome. The model with the strongest cybersecurity emphasis can return for selected users, while the more publicly released variant remains in limbo. Anthropic’s next challenge will be to convince officials that Fable 5 can be made safe enough for wider distribution.
If the company succeeds, it would likely need to show not just that the model is constrained in theory, but that those controls remain effective in practice even under adversarial testing.
How the reversal unfolded
The timeline moved quickly. The initial ban and Anthropic’s withdrawal came only two weeks before the latest announcement. Since then, the company says it has been in active discussions with the federal government, trying to restore access for permitted users.
That cadence suggests that the restrictions were never intended to be permanent, but rather part of an emergency response to perceived security weaknesses. Once the government became satisfied that certain protections were in place, it appears to have opted for a targeted reopening rather than continuing the lockout.
The speed of the policy shift also reflects the pressure policymakers face in AI. Security concerns can emerge overnight, but the need for practical tools does not disappear. Government agencies and critical infrastructure operators are likely to push for access to systems that can help them defend against increasingly sophisticated digital threats.
| Event | What happened | Implication |
|---|---|---|
| June 12 | Anthropic says it began working with the U.S. government to restore access | Signals active negotiations after the models were pulled |
| Two weeks before the reversal | Mythos 5 and Fable 5 were withdrawn following a ban affecting access for non-Americans | Models were removed over cybersecurity and access concerns |
| Friday directive | Commerce Secretary Howard Lutnick said safeguards were sufficient for trusted partners | Mythos 5 can return to selected U.S. organizations |
| Same day public statement | Anthropic said it is restoring access and working to expand availability | Company hopes to broaden use beyond the initial limited group |
Why the non-U.S. employee issue mattered so much
The original restriction was controversial not only because it limited access to a powerful model, but because it did so on the basis of nationality. That created immediate problems for large organizations with international staff and for Anthropic itself.
In a global technology industry, nationality-based restrictions can be difficult to implement without hampering collaboration. Research teams, security teams, and software engineers often work across borders and time zones. Excluding non-U.S. employees can slow deployments, complicate compliance, and create internal inequities.
It also raised broader questions about whether cybersecurity AI should be governed by citizenship status at all. Some policymakers may see that as a necessary national-security filter. Others may view it as overly blunt, especially when the same organizations need all of their technical staff to evaluate threats and verify safeguards.
The latest decision appears to acknowledge those practical limitations by allowing non-American employees at approved organizations to regain access. That change may prove as significant as the model itself, because it restores usability for complex teams rather than just for a small subset of domestic personnel.
The market context: enterprise AI is getting more political
The Anthropic episode comes as enterprise AI becomes increasingly entangled with policy and geopolitics. Companies are racing to release more capable models while governments worry about misuse, export control, cyber operations, and competitive advantage.
For vendors, this means the sales process is no longer just about benchmark scores, product quality, and pricing. Access, residency, compliance, and identity controls are becoming core features. In some cases, government approval may be as important as technical performance.
That shift could benefit companies with strong trust-and-safety reputations, especially those willing to work closely with regulators. But it also introduces uncertainty. A model can be launched, withdrawn, reopened, or constrained in the span of days depending on political and security assessments.
Anthropic’s experience may become a case study for the entire industry: even highly capable, commercially important models can be forced into a restricted distribution regime when the government concludes that the risk profile has changed.
What to watch next
- Whether Fable 5 is eventually cleared for wider release.
- How many additional organizations are added to the approved access list.
- Whether Anthropic changes how it markets or limits Mythos 5 going forward.
- Whether regulators use this case to shape future AI access rules for cybersecurity tools.
The bigger takeaway
The administration’s decision is not a full rollback, but it is a meaningful concession. It suggests the U.S. government is willing to allow limited use of powerful AI security models when it believes safeguards are sufficient and the organizations involved are strategically important.
For Anthropic, that means Mythos 5 is back — but only in a controlled setting, and only after a brief but revealing regulatory clash. For the broader AI industry, the episode shows that the next frontier in model governance may not be whether a system can be released at all, but who gets to use it, under what conditions, and with what kind of oversight.
As the line between defensive cybersecurity and offensive capability becomes harder to draw, those questions are likely to recur. This time, the government chose access with guardrails. Next time, the answer may be different.
Summary of the policy shift
Anthropic says it is now moving quickly to restore access for the approved U.S. organizations that rely on Mythos 5 for cybersecurity work. The company has not yet said when Fable 5 might return, and the administration has not publicly explained whether that model will face a separate review.
But the signal from Washington is clear: the door is open again, at least partway, for one of Anthropic’s most sensitive models.
