Trump Admin Clears Anthropic's Mythos 5 for 100-Plus US Defenders
After a two-week ban, Washington has let Anthropic redeploy its strongest cyber model to critical-infrastructure firms - and quietly opened a door for their Indian engineers too.
The News
The Trump administration has lifted its block on Anthropic's most powerful cybersecurity model, Mythos 5, clearing it for use by more than 100 American companies and government agencies. Commerce Secretary Howard Lutnick notified the company of the approval on 26 June 2026, according to TechCrunch.
The model had been pulled from service alongside Fable 5 for roughly two weeks after security researchers allegedly bypassed its safety guardrails. Anthropic began working with the government to restore access on 12 June, and the new directive permits trusted partner organisations to deploy Mythos 5 again, specifically for defending critical infrastructure.
Crucially, the authorisation extends beyond US citizens. Lutnick's letter allows the partner firms to grant access to their non-American employees, as well as to Anthropic's own international staff. In a public note, Anthropic said its "strongest cybersecurity model" could be redeployed to organisations that "operate and defend critical infrastructure". Lutnick wrote that "appropriate safeguards are in place" for these trusted partners. Fable 5, the consumer-facing model, was not addressed in the order and remains in limbo.
Why It Matters
This is one of the clearest signals yet that frontier AI has become a matter of national-security policy rather than ordinary commercial software. A government deciding which named organisations may run a specific model, and which employees may touch it, looks far closer to export-controlled defence technology than to a normal cloud product.
The precedent echoes the 2022 chip export rules, when Washington first carved the global compute market into trusted and restricted tiers. Back then the controls targeted hardware. Now the unit of control is the model itself, and the trigger was a safety failure rather than a geopolitical rival. That shift matters: it means a single jailbreak can take a commercial product offline for an entire customer base, then return it under conditions set by a cabinet secretary.
For the wider industry, the episode hands regulators a working template. Pull the model, negotiate, then reissue access to a vetted list. Every lab selling powerful security tooling now knows that template exists.
Indian Angle
The most consequential line for India is the clause covering non-American employees. Anthropic and its enterprise customers run large engineering and security operations staffed heavily by Indian nationals, both in the United States and in India-based delivery centres. By explicitly permitting these workers to use Mythos 5, the order avoids stranding the very teams that often keep infrastructure software running. Had it gone the other way, Bengaluru and Hyderabad security desks could have been locked out of a tool their American colleagues relied on.
There is a sharper lesson for policymakers in New Delhi. India's critical infrastructure, from the national power grid to UPI rails, increasingly leans on foreign frontier models for threat detection. This episode shows how quickly that access can be suspended by another country's domestic politics. It strengthens the case behind the IndiaAI Mission and sovereign efforts from Sarvam and Krutrim to build security-grade models that CERT-In and the RBI can depend on without foreign sign-off.
For Indian enterprises, the practical takeaway is contractual. Buyers should now ask vendors what happens to their access if a model is withdrawn in its home jurisdiction, and whether a local fallback exists.
FAQ
What is Mythos 5?
It is Anthropic's most powerful cybersecurity-focused AI model, built to help defend critical infrastructure. It was withdrawn for about two weeks after researchers reportedly bypassed its safety protections, and has now been cleared for limited redeployment.
Who can use it now?
More than 100 vetted US companies and government agencies that operate or defend critical infrastructure, including their non-American employees and Anthropic's international staff.
What about Fable 5?
The 26 June directive did not cover Fable 5, the consumer-facing model. It remains unavailable, with no published timeline for its return.
Why should Indian firms care?
The case shows foreign model access can be suspended by another government overnight. Indian buyers relying on such tools for security should plan for sovereign or local fallbacks.
This story was reported by TechCrunch. Read the full original coverage at TechCrunch.