AI Security Ops

Mythos and Fable Pulled | Episode 59


Listen Later

In this episode of BHIS Presents: AI Security Ops, the team tackles a first-of-its-kind moment in AI security and regulation:

What happens when the U.S. government orders a company to pull its most powerful AI models off the market?

Not the chips. Not the infrastructure. The models themselves.

On June 12th, 2026, Anthropic disabled Fable-5 and Mythos-5 worldwide after receiving a federal export-control directive tied to foreign-national access. The models were only three days old, and the shutdown raises a much bigger question for security teams, builders, and defenders:

Are frontier AI models now controlled technology?

This episode breaks down the order, the export-control mechanism behind it, the cybersecurity concerns around jailbreaks, and what this means for anyone building security workflows on top of hosted AI models.

We dig into:
• Why Anthropic pulled Fable-5 and Mythos-5 for all customers
• How foreign-national access rules forced an all-or-nothing shutdown
• What EAR export controls are, and why ITAR keeps coming up
• The history of encryption, PGP, and software as controlled technology
• Why Fable-5 and Mythos-5 triggered cyberweapon concerns
• The difference between guarded and less-guarded model releases
• Why jailbreaks are central to the government’s justification
• Why “all LLMs can be jailbroken” matters for policy and enforcement
• Whether Anthropic’s safety messaging created regulatory risk
• How competition and AI industry politics may shape regulation
• Why model redundancy is becoming a security resilience requirement
• What security teams should learn from a hosted model disappearing overnight
• Why taking powerful AI away from defenders may make security worse, not better

This episode explores a critical shift in AI security: frontier models are no longer just another SaaS dependency. They are becoming part of the security supply chain, subject to policy, export controls, national-security concerns, and sudden access loss.

For security teams, the question is no longer just which model performs best. It is what happens when the model your workflow depends on disappears, and what that model could see while it was running.

Key Concepts & Topics

AI Export Controls
• Federal action targeting AI models instead of chips
• Foreign-national access restrictions
• Frontier models as controlled technology

EAR, ITAR, and Software Regulation
• Dual-use technology under Commerce Department authority
• Historical parallels to encryption and PGP
• Why software can become a national-security control point

Fable-5 and Mythos-5
• Guarded and less-guarded model access
• Safety classifiers and cyber capability concerns
• Public release versus vetted access models

Jailbreaks and AI Security
• Bypassing model safeguards
• Universal versus narrow jailbreaks
• Why perfect jailbreak resistance is not realistic

Security Resilience
• Model redundancy as a practical requirement
• Avoiding single-model dependency
• Planning for sudden access loss, policy changes, and vendor shutdowns

Defensive Strategy
• Understanding where AI lives in your workflows
• Thinking through AI blast radius
• Balancing model capability, access, monitoring, and risk

Learn more about Black Hills Information Security:
https://www.blackhillsinfosec.com/

Introducing BHIS Fusion Penetration Testing
https://www.blackhillsinfosec.com/fusion-penetration-testing/

Check out Antisyphon Training:
https://www.antisyphontraining.com/

#AISecurity #CyberSecurity #LLMSecurity #ArtificialIntelligence #InfoSec #BHIS #Antisyphon #AIRegulation #ExportControls

----------------------------------------------------------------------------------------------
🎧 Subscribe to the Podcast:
https://aisecurityops.transistor.fm

About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/
About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

  • (00:00) - Intro: The First AI Model Export Control
  • (01:38) - The Anthropic Order and Foreign-National Access
  • (03:19) - EAR, ITAR, and Software as Controlled Technology
  • (04:39) - Mythos-5, Fable-5, and Guarded Model Access
  • (06:32) - Jailbreaks and Cyberweapon Concerns
  • (08:58) - Competition, Regulation, and AI Industry Politics
  • (10:54) - Model Redundancy as a Security Requirement
  • (13:21) - Defensive AI Use and Final Takeaways

  • Click here to watch this episode on YouTube.

    Creators & Guests
    • Brian Fehrman - Host
    • Bronwen Aker - Host

    • Brought to you by:

      Black Hills Information Security 

      https://www.blackhillsinfosec.com


      ☯️ Introducing BHIS Fusion Penetration Testing
      https://www.blackhillsinfosec.com/fusion-penetration-testing/

      Antisyphon Training

      https://www.antisyphontraining.com/


      Active Countermeasures

      https://www.activecountermeasures.com


      Wild West Hackin Fest

      https://wildwesthackinfest.com

      🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
      https://poweredbybhis.com

      Click here to view the episode transcript.


      ...more
      View all episodesView all episodes
      Download on the App Store

      AI Security OpsBy Black Hills Information Security