Why the White House turned on Anthropic

Metacurity is the only daily cybersecurity briefing built for clarity, not agendas—no vendor spin, no echo chamber, just sharp, original aggregation and analysis of what actually matters to security leaders.

Each day, Metacurity is read by thousands of cyber leaders, including some of the industry's top CISOs, security architects, practitioners, vendors, analysts, and journalists.

If you rely on Metacurity to cut through the noise on policy, industry shifts, and security research, consider supporting us with a paid subscription. Independent coverage like this only exists because readers decide it’s worth it.

The Trump administration's unprecedented decision to block foreign access to Anthropic's most advanced artificial intelligence models appears to have been driven by more than a single technical vulnerability, according to reporting from multiple outlets that collectively point to a deeper breakdown in trust between the White House and one of the industry's most influential AI companies.

The immediate trigger for the administration's action was a report from Amazon researchers who discovered a way to bypass safeguards in Anthropic's newly released Fable 5 model and elicit information related to cybersecurity vulnerabilities. According to multiple reports, Amazon shared its findings with Anthropic before Amazon CEO Andy Jassy discussed the issue with administration officials, prompting a rapid government review of the model's capabilities.

The White House subsequently directed Anthropic to suspend foreign access to both Fable 5 and the more powerful Mythos model. Anthropic responded by taking both models offline entirely, cutting off access for domestic and international users alike. The company was reportedly given just 90 minutes to comply.

Yet multiple cybersecurity experts cited across various press reports questioned whether the vulnerability identified by Amazon was unique to Anthropic. Researchers, including Katie Moussouris and former OpenAI board member Helen Toner, argued that similar jailbreaks can be demonstrated against many frontier AI systems and that eliminating such vulnerabilities remains an unsolved technical challenge.

That has raised a broader question: if other leading AI models exhibit comparable behavior, why did the administration single out Anthropic?

Reporting from multiple outlets suggests the answer may lie in tensions that predated the Fable controversy. According to the Washington Post, administration officials had already grown concerned about Anthropic's management of access to Mythos, a highly capable model whose rollout had initially been coordinated with government officials. Some officials reportedly became alarmed when access expanded beyond an original group of vetted entities, including access granted to South Korea's SK Telecom, which some US officials viewed as presenting potential geopolitical concerns.

Several reports indicate White House officials viewed the Fable incident not simply as a technical problem but as evidence that Anthropic had failed to adequately communicate with regulators about the risks associated with its latest systems. According to the Wall Street Journal, some officials believe any resolution to the standoff should include acknowledgment from Anthropic that its rollout strategy and communications with the government could have been handled differently.

The result has become an early test of how the Trump administration intends to govern increasingly powerful AI systems. While the administration has largely promoted a light-touch approach to AI regulation, the Anthropic intervention demonstrated a willingness to use export-control authorities aggressively when national security concerns are perceived to be at stake.

The move has also reverberated far beyond Washington. Several foreign governments and technology leaders interpreted the restrictions less as a judgment about Anthropic's safety practices and more as a warning about dependence on American AI providers.

In comments reported by Bloomberg, Upstage CEO Sung Kim argued that the Anthropic restrictions underscored the need for countries such as South Korea to develop sovereign AI capabilities. If US policymakers can withdraw access to frontier models with little warning, he argued, nations must ensure they can build and operate advanced AI systems independently.

A similar argument appeared in commentary published by the Financial Times, which warned that the administration's actions could inadvertently accelerate adoption of Chinese AI models. The article argued that while U.S. officials intended the restrictions as a national security measure, foreign companies may instead conclude that American AI services have become politically unreliable. Because many Chinese models can be self-hosted and increasingly rival U.S. systems on performance, sudden restrictions on American products could strengthen Beijing's position in the global AI race.

The controversy has also exposed a tension at the center of Anthropic's identity. The company has built much of its reputation around emphasizing the risks posed by increasingly capable AI systems and advocating for stronger safeguards. Yet critics argue that by highlighting the dangers of frontier AI, Anthropic may have helped create the political environment in which its own products became subject to extraordinary scrutiny.

For now, both Anthropic and administration officials appear eager to resolve the situation. Senior Anthropic researchers traveled to Washington this week for discussions with Commerce Department officials and National Cyber Director Sean Cairncross. According to both the Wall Street Journal and The Information, talks have focused on possible technical remedies as well as broader concerns surrounding Anthropic's relationship with the government. (Amrith Ramkumar / Wall Street Journal, Hugo Lowell, Lily Hay Newman. Maxwell Zeff / Wired, Yoolim Lee / Bloomberg, Cat Zakrzewski, Isaac Arnsdorf, Ian Duncan and Gerrit De Vynck / Washington Post, Leo Schwartz / The Information, Maria Curi, Marc Caputo / Axios, Ben Thompson / Stratechery, Agathe Demarais / Financial Times, Madhumita Murgia, George Hammond, Rafe Rosner-Uddin and Joe Miller / Financial Times, and Luta Security)

Related: Gizmodo, Silicon UK, diginomica, Phandroid, naked capitalism, Politico. Bloomberg, The Next Web, Reuters, Financial Times, TechCrunch, CNBC, Business Today, BBC, Don't Worry About the Vase, Politico, Wall Street Journal, The Daily Upside, The Verge, The Next Web, Implicator.ai, Faster, Please!, CyberScoop, Washington Post, Forbes, Yahoo Finance, Fortune, The Spectator, The Decoder, Axios, Hacker News, Implicator.ai, TechCrunch, The Register

According to Google's Threat Intelligence Group, a Chinese-linked hacking group, UNC6508, a relatively new and little-known cyberespionage player, spent more than a year secretly stealing data from US and Canadian academic, medical, and military research institutions before being ​detected.

Between September 2023 and November 2025, the ‌hackers sought information related to defense intelligence, military strategy in the Indo-Pacific, artificial intelligence, unmanned vehicles, cyber warfare programs and medical research.

Google did not name the ​targeted organizations, but said their work covered a broad range of fields, from ​drug discovery and clinical trials to public health policy and military ⁠readiness, and that they collectively employ thousands of people with a combined research ​budget running into the billions of dollars.

The earliest known activity tied to the campaign dates to September 2023, when the hackers exploited vulnerabilities in servers running REDCap, a web application widely used by nonprofits to build and manage online surveys and databases. ​Using custom-built malicious ​software, the hackers stole ⁠legitimate REDCap login credentials to gain access to the targeted networks. They then set up a system to automatically forward emails ​containing any of nearly 150 keywords and search terms to ​a Gmail ⁠account they controlled, the researchers said. (AJ Vicens / Reuters)

Related: Google Cloud Blog, CyberScoop, Help Net Security, iPhone in Canada, Memeburn, BleepingComputer, r/worldnews, SC Media, CSO Online

Researchers at Varonis discovered that a critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL.

The exfiltrated information could be email content (e.g., access codes, passwords), calendar events and meeting details, documents, and other content accessible through Copilot Enterprise Search.

Microsoft addressed SearchLeak at the beginning of the month and assigned it the CVE-2026-42824 identifier with a maximum severity, critical rating. (Bill Toulas / Bleeping Computer)

Related: Varonis, Dark Reading, The Cyber Express, GBHackers, Cyber Security News

The US Federal Bureau of Investigation (FBI) warned that criminals are using couriers to collect money from victims of cryptocurrency investment scams, also known as pig butchering or romance baiting.

The warning came in the form of a public service announcement in which the law enforcement agency said that scammers are pushing targets toward in-person cash pickups (in some cases claiming a victim's account has been "flagged") after legitimate financial institutions block suspicious money transfers.

The dispatched couriers identify themselves using an agreed-upon password or a specific dollar bill serial number. After the pickup, victims see a simulated increase in their virtual wallet balance and attempt to withdraw their winnings, but the scammers restart the cycle and demand even more cash for fraudulent taxes and penalties, again collected through couriers.

"Once victims obtain cash and inform the primary scammer they have the funds, the scammer arranges to send couriers to retrieve the cash at victims' homes or public locations. Scammers provide victims with a U.S. dollar bill serial number or another form of code/password," the FBI said.

"When the courier arrives, they show the victim the dollar bill or provide the agreed-upon password to authenticate the courier's affiliation with the scammer."

The law enforcement agency advised people to research cryptocurrency platforms before investing, not to share their home addresses or deliver cash to unknown individuals, to stop all contact following unsolicited wrong-number communications, and to be alert to "love bombing," an extremely effective manipulation technique used to build false trust with a target quickly.

Victims are urged to file a complaint with the FBI immediately and include as much information as possible, including the criminals' names, methods of communication, and bank accounts used in the scam. (Sergiu Gatlan / Bleeping Computer)

Related: IC3, Help Net Security, Infosecurity Magazine, SC Media

Judge Eumi K. Lee of the United States District Court for the Northern District of California rejected Meta’s attempt to dismiss a lawsuit from Strike 3 Holdings, the company that owns popular sites like Blacked, Vixen, and Tushy, for scraping its porn videos. 

The decision shows Meta’s nonsensical justification for scraping massive amounts of copyrighted material from the internet in order to train its AI models and is notable for adult content creators, who have been scraped for model training data long before the current generative AI boom.

Strike 3 Holding first filed its lawsuit almost a year ago after internal Meta emails revealed in a different lawsuit showed that the company downloaded over 81 terabytes of data by scraping Anna’s Archive, a massive open search engine for torrenting copyrighted material including books, movies, TV shows, and porn. A Strike 3 Holding investigation found that 47 IP addresses belonging to Meta were used to torrent 2,396 of its videos a total of 6,008 times between 2018 and 2025. (Emanuel Maiberg / 404 Media)

Related: Court Listener, Mashable, IB Times

Federal prosecutors unsealed criminal charges against two men accused of operating AudiA6, a cryptocurrency laundering service that processed more than $389 million in transactions since 2021.

Ruslan Igorevich Tkachuk, a Ukrainian national, and Alexander Vladimirovich Ledenev, a Russian national, were arrested the same day in Batumi, Georgia. Each is awaiting extradition and faces one count of conspiracy to launder monetary instruments and one count of sting money laundering, the US Attorney's Office for the Eastern District of Pennsylvania said in a statement.

According to the statement, the criminal complaint alleges that Tkachuk and Ledenev are senior members of the AudiA6 organization and also manage the Dark2Web cybercrime forum, where AudiA6 advertised its services.

A Dark2Web advertisement quoted in the complaint offered to conceal and disguise the source of any customer's cryptocurrency that would otherwise be traceable to criminal sources, for a fee of up to 5% of the amount being laundered.

Through blockchain analysis, law enforcement determined that approximately 10,333 bitcoins had been deposited into AudiA6's cryptocurrency wallets since the service launched in 2021, the statement said. (Brian Danga / The Block)

Related: Europol, Brussels Times, Help Net Security, Infosecurity Magazine, Bleeping Computer

Digital healthcare company iRhythm Holdings has disclosed in an SEC filing a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applications.

The company says its cardiac monitoring service has been used to analyze more than 2 billion hours of curated heartbeat data from over 12 million patients.

iRhythm said it discovered the incident one day before the filing, prompting it to launch an investigation with external cybersecurity experts and activate its cybersecurity response plan to contain the breach.

It added that the attackers reached out one week ago, on June 9, demanding a ransom to prevent the disclosure of stolen health information online, but didn't attribute the attack to a specific threat actor or extortion group.

The company also stated that it has no evidence that the incident has affected "its products, clinical or medical device systems, patient safety, manufacturing and distribution operations, financial reporting systems," and noted that the threat actors gained access to the data through social engineering.

iRhythm added that it does not store patients' payment card or financial account information, and that the breach does not involve its clinical or medical device systems. (Sergiu Gatlan / Bleeping Computer)

Related: SEC, Mass Device, The Cyber Express, ET Healthworld, Minichart

Mackay Sugar, a major Australian sugar producer, has been targeted in a ransomware attack that forced it to shut down some of its mills.

The hacker attack came to light on June 10, when Mackay Sugar announced it was responding to a cybersecurity incident affecting some of its operations.

“Interim processes are in place to support critical business functions and minimize disruption where possible,” the company said at the time.

Mackay Sugar operates three cane-processing mills in Queensland and is Australia’s second-largest raw sugar producer.

The cyberattack appears to have impacted operations at two of the mills, but the company announced on June 12 that it had “recommenced a limited manual crushing operation” at one mill to process cane harvested prior to the incident.

“While some operations have resumed in a controlled manner, key cane supply and logistics systems remain subject to ongoing restoration and no additional cane is being accepted at our mills at this stage,” Mackay Sugar said on June 12.

In its latest update, shared on June 15, the company said it’s still responding to the incident. (Eduard Kovacs / Security Week)

Related: Mackay Sugar, Mackay Sugar, Cyber Daily, Cybersecurity Insiders, Security Affairs, SC Media

Everyone is racing to adopt AI. But if your security foundation is weak, AI won’t save you — it will amplify the risk.

That’s the core message behind my just-published new book, The NIST 2.0 Cybersecurity Framework: Practical Risk Management Using Real-World Incidents. Rather than treating cybersecurity as a compliance exercise, the book shows how organizations can build resilient security programs grounded in real operational failures and lessons learned.

Wiley is currently offering Metacurity readers a 20% discount with code ENG20. Don't wait! Order your copy today! Email me to find out about bulk purchases for your organization or special customized print runs for your team.

The US Cybersecurity and Infrastructure Security Agency (CISA) has given government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin.

Tracked as CVE-2026-48172, this high-severity vulnerability was reported by Namecheap and allows attackers with FTP or web shell access to escalate privileges to root on shared hosting servers running CloudLinux/CageFS.

This vulnerability affects all user-end plugin versions before 2.4.8 and stems from a 'UNIX symlink following' weakness.

LiteSpeed flagged it as actively exploited in early June and released urgent security updates, warning users to update the cPanel user-end plugin (bundled with the WHM plugin) to the latest version.

Users are advised to use the following command to check if their server is vulnerable to attacks targeting the CVE-2026-48172 vulnerability:

grep -rE 'cpanel_jsonapi_func=(generateEcCert|packageUserSize)|cert_action_entry .*geneccert' /usr/local/cpanel/logs/ /var/cpanel/logs/ 2>/dev/null

Last month, CISA warned federal agencies to patch another LiteSpeed cPanel vulnerability (CVE-2026-48172), which unauthenticated attackers exploited to execute arbitrary scripts with root privileges. (Sergiu Gatlan / Bleeping Computer)

Related: Security Affairs

Chinese police say they have cracked a series of cybercrime cases involving a new variant of the Silver Fox Trojan virus, the Ministry of Public Security's cybersecurity bureau said.

The Trojan is highly deceptive and mainly targets employees of enterprises and public institutions, particularly financial personnel, the bureau said.

Once installed on a victim's computer, the malware can enable remote control, steal account passwords, intercept SMS verification codes, and obtain private data, it said.

Public security organs have taken proactive actions to investigate and crack down on such crimes, the bureau said.

In one case, police in Jilin province uncovered a criminal gang led by a suspect surnamed Chen that had developed a variant of the Silver Fox Trojan and used technical means to evade security detection.

The gang allegedly sent phishing emails in bulk, stole corporate data, and built fraud scenarios to carry out criminal activities totaling more than 7 million yuan ($1 million), police said. Local police have taken criminal compulsory measures against Chen and 26 other suspects, and the case is under further investigation. (Yang Zekun / China Daily)

Related: The420

Kid-oriented gaming platform Roblox is launching separate age-based accounts for minors.

Those ages 5 to 8 will be placed in Roblox Kids accounts, which disable all messaging by default and restrict users to games with a content maturity label of “minimal” or “mild.”

Users ages 9 to 15 will be in Roblox Select accounts, which gradually introduce more chat functions and allow access to games up to “moderate” content maturity. Users 16 and up will generally have the full suite of Roblox games and chat functions.

It’s a setup that builds on the platform’s recent rule change requiring all users to provide a government ID to prove their age or to undergo biometric age checks to use the chat function. That process automatically estimates users’ ages and permits them to chat only with others estimated to be in similar age ranges.

The ramped-up safety effort has correlated to a decline in daily active users, from around 152 million in the third quarter of last year to 132 million in the first quarter of this year — figures that prompted Roblox’s stock to tumble 18% in just one day — as its user base expresses frustration with the flurry of changes in recent months.

Many players have lamented online that their experience is now diminished by a mishmash of locked chat functions, AI-generated chat summaries and newly age-gated games. (Angela Yang, Kayla Steinberg and Vicky Nguyen / NBC News)

Related: MediaNama, Pixel Envy, The Verge

More than two dozen companies, including JPMorgan Chase & Co. and an array of cybersecurity firms, have formed a coalition called Athena to remedy software flaws spotted by cutting-edge artificial intelligence models.

Led by cybersecurity startup Chainguard, the coalition involves Cisco, Cloudflare and others, Chainguard said. The group is focused on securing open-source software, which underpins technology used across the economy, from web browsers and data centers to smartphones and ATMs.

In an interview, Chainguard Chief Executive Officer Dan Lorenc said members of the group are searching for potential vulnerabilities using advanced AI models, such as OpenAI’s GPT-5.5-Cyber.

So far, the coalition said it has examined over 20,000 potential vulnerabilities shared by members — some of which turned out to be duplicates — and sent out more than 2,000 patches for 500 open-source projects.

“We know the timeline on all of this is very limited,” said Lorenc, whose company focuses on securing open-source software. That’s because while Anthropic and OpenAI have limited access to their most capable cybersecurity-related AI models, he suspects that open-source AI models will eventually be just as good, providing attackers access to the same kinds of tools.

Most of the vulnerabilities so far have been found using Anthropic’s Mythos AI model, Lorenc said, and a growing number from GPT-5.5-Cyber. He said they include “very serious software vulnerabilities,” but declined to provide more details ahead of a series of disclosures of the issues that will start next month. (Rachel Metz / Bloomberg)

Related: Chainguard, Dan Lorenc on LinkedIn

The Trump administration closed an investigation, without seeking any penalties, into a July 2024 meltdown at Delta Air Lines sparked by a global outage that disrupted the travel plans of 1.3 million customers ​and cost the carrier $500 million.

The Biden administration opened a probe into Delta ​following the CrowdStrike computer software outage, after other major carriers were ⁠able to resume normal operations much faster.

A Transportation Department spokesperson said the ​review showed that "Delta's passengers received prompt refunds, adequate baggage assistance, and appropriate assistance for ​passengers with disabilities."Under U.S. President Donald Trump, USDOT has been moving to roll back some aviation consumer protection initiatives unveiled by the administration of then-President Joe Biden and has reversed a number of penalties.

Delta ​said in a statement it was grateful that USDOT recognized "the catastrophic circumstances we faced ​as an industry during the unprecedented outage and its dismissal of the investigation, citing how we ‌cared ⁠for customers, which included millions of dollars in refunds, hotels, food and baggage assistance." (David Shepardson / Reuters)

Related: Benzinga, Heise Online, Atlanta News First, The Economic Times

Startup Ent, which enables an AI-driven "intent-aware Workspace Security platform," emerged from stealth with $100 million in seed financing.

Decibel led the funding, with participation from Sequoia, Crosspoint Capital Partners, Craft Ventures, Shield Capital, Felicis, and In-Q-Tel (IQT) (Angus Loten / Wall Street Journal)

Related: Silicon Angle, Business Wire, Tech Funding News

Cybersecurity startup NewCore emerged from stealth with $66 million in seed funding, aiming to solve a challenge it believes many companies will soon face as they deploy AI agents: how to authenticate, govern, and control them at scale.

Cyberstarts led the round with participation from Index Ventures and Evolution Equity Partners. (Jagmeet Singh / TechCrunch)

Related: Globes, FinSMEs, SiliconANGLE, CTech, Ynetnews, NewCore, The Next Web, SecurityWeek

Arcade.dev, the secure action layer for production AI agents, today announced $60 million in Series A funding.

SYN Ventures led the round, with strategic investment from Morgan Stanley and Wipro. (Steven Rosenbush / Wall Street Journal)

Related: PYMNTS, Business Wire, Silicon Angle, FinSMEs, Axios

American identity security company SailPoint is continuing to deepen its presence in the Israeli market with the acquisition of Israeli startup Entro Security for a reported $200 million.

Entro develops an advanced cybersecurity platform for mapping, managing, and protecting non-human identities. (Meir Orbach / CTech)

Related: SiliconANGLE, SailPoint Technologies, Inc.

Cybersecurity company Apono has been acquired by Canadian cybersecurity firm 1Password for a reported $250 million to $300 million.

All 80 of Apono’s employees, around 50 of whom are based in Israel, will join the acquiring company. 1Password also intends to continue expanding its operations in Israel by hiring additional employees. (Meir Orbach / CTech)

Related:  Globes, 1Password

Best Thing of the Day: Helping the World's Food Supply

The Desert Dev Hackathon in New Mexico this year is all about helping the world's farmers.

Bonus Best Thing of the Day: Helping Ukraine With Emergency Cyber Support

Ukraine can now call on emergency EU cyber support during major cyber incidents after the Council of the European Union approved its inclusion in the EU Cybersecurity Reserve

Worst Thing of the Day: Deepfakes Threatening Democracy Again

Political campaigns are deploying deepfake technology in a way that threatens to undermine the midterm elections.

Closing Thoughts