The White House Panicked Over One AI Model and Now Wants to Regulate Everything
Mei-Lin ChenMei-Lin Chen
Curiosity
Download the Curiosity App for discussion, debates and more for free.
Download on theApp StoreGet it onGoogle Play

One AI model panicked the White House into reversing everything it claimed to believe about tech regulation.

I have been watching Washington fumble AI policy for years, and this week's story is the most revealing fumble yet. The Trump administration spent its first year in office dismantling Biden's AI safety framework, cheering deregulation at every turn, and letting David Sacks play AI czar with a philosophy that basically amounted to: build fast, ask questions never. Then Anthropic dropped Mythos, a model so capable at finding software vulnerabilities that the company refused to release it publicly. And suddenly the White House wants an FDA for AI.

This is not a principled policy evolution. This is panic dressed up as governance.

What Mythos actually did to Washington's brain

Here is what happened. Anthropic announced Claude Mythos Preview on April 7, a model the company itself described as too dangerous for public release. Mythos identified thousands of zero-day vulnerabilities across every major operating system and browser, many of them critical and some of them decades old. Anthropic restricted access to roughly 40 organizations through a program called Project Glasswing, including Apple, Amazon, JPMorgan Chase, and Palo Alto Networks.

The national security implications were real. The NSA was already using Mythos to assess vulnerabilities in government Microsoft software deployments even while other agencies were cut off from Anthropic's tools entirely. The Pentagon had declared Anthropic a supply chain risk after the company refused to remove guardrails on autonomous weapons and mass surveillance. A federal judge later called that designation "Orwellian."

Abstract digital code and cybersecurity visualization, representing the AI vulnerability threat at the center of the Mythos controversy.

So within weeks, the same administration that blacklisted Anthropic was inviting CEO Dario Amodei to the White House for what both sides called a "productive" meeting. Trump told CNBC that Anthropic was "shaping up" and that he thought they would "get along just fine." The whiplash is dizzying.

The policy reversal nobody wants to call what it is

On Day 1 of his second term, Trump rescinded Biden's AI executive order, which had required safety evaluations and reporting on models with military applications. Weeks later, JD Vance told the AI Action Summit in Paris that the future would be won "by building" — not "by hand-wringing about safety." Now the White House is weighing an executive order that would create a formal government vetting process for all new AI models before public release.

We're studying possibly an executive order to give a clear road map to everybody about how this is going to go and how future AIs should go through a process so that they're released to the wild after they've been proven safe — just like an FDA drug.

Kevin Hassett, National Economic Council Director, via Insurance Journal

An FDA for AI. From the administration that spent a year calling AI safety regulation a threat to American competitiveness. This is not a pivot. It is a confession.

The structural problem is that the government's evaluation capacity is embarrassingly thin. Congress approved $55 million for NIST's AI research work in January 2026 and up to $10 million to expand the agency, now rebranded as CAISI. A conservative think tank, the America First Policy Institute, said CAISI remains underfunded compared to peer institutes internationally.

The counterpunch argument, and why it does not hold up

Some will argue that the White House is doing the right thing by responding to a genuine threat. Mythos scored 73% on expert-level hacking tasks in independent testing by the UK's AI Security Institute — tasks no previous AI model could complete at all. That is a real number. The threat is real.

But here is the problem with that argument: cybersecurity researchers found that older, cheaper models could reproduce many of Mythos's headline results through clever orchestration. Researchers at Vidoc ran older Anthropic and OpenAI models against the same codebases and found the same vulnerabilities. The threat is not one model. It is the entire trajectory of the technology.

A vetting regime built around one dramatic product launch is not a safety framework. It is a press release.

Who actually controls the keys here, and why that is the real scandal

The deeper issue is one that CNBC and Fortune have both flagged: Anthropic's decision to restrict Mythos to a handful of American companies has created what one cybersecurity CEO called "tiers of haves and have-nots." Independent AI researchers have not been given access to verify Anthropic's claims or build defenses against the model.

Meanwhile, Anthropic's monthly lobbying spend grew by roughly 511% over Trump's second term, reaching $1.1 million per month by late 2025. The company lobbied against a 10-year moratorium on state AI regulation. Now the administration appears to be building precisely the oversight structure Anthropic advocated for — but with the government holding the keys.

I do not think that is a coincidence. I think a well-resourced company successfully lobbied its way into shaping the regulatory environment it will operate in. That is not safety policy. That is regulatory capture with better branding.

In our view, any regulatory guidance should systematically address these risks by opening the black box to scrutiny.

Gary McGraw, CEO, Berryville Institute of Machine Learning, via Fortune

What good oversight would actually look like

To be fair to the impulse here: pre-deployment evaluation is genuinely smart policy. The UK's AI Security Institute has operated a pre-deployment evaluation program for frontier models with formal access agreements covering Anthropic, OpenAI, Google DeepMind, and Meta. That is the good version of this idea.

What the US is building looks nothing like that. CAISI is underfunded, the proposed working group is stuffed with the same tech executives whose models need vetting, and the whole thing was triggered by one company's marketing campaign for a model it refuses to let independent researchers examine. The federal preemption push makes it worse: the Trump administration is simultaneously trying to block states from passing their own AI laws while offering no credible federal replacement.

Connecticut passed one of the most comprehensive state AI bills in the country on May 1, 2026. Colorado's AI Act is approaching its June 30 implementation date. States are doing the work Washington refuses to do. And the federal government's response is to try to preempt them while offering nothing in return.

Would you trust a vetting process designed by the same people who spent a year insisting no vetting was needed?