White House rethinks AI oversight

Artificial intelligence policy is suddenly about vulnerability hunting, not just chatbots and productivity tools. That is the shift here. Over the past week, White House officials have openly debated whether the government should review some advanced AI models before companies release them, after Anthropic’s Mythos showed just how good a frontier model can get at finding software flaws. But the story is messier than a clean regulatory pivot — because the same White House is also trying to calm the industry down. ### What changed this week? The clearest public signal came on May 6 and May 7, when National Economic Council director Kevin Hassett said the administration was studying a possible executive order that could create a vetting process for future AI systems before they are “released into the wild,” using a comparison to FDA-style safety review. That was a sharp change in tone from the administration’s earlier hands-off posture on AI. (politico.com) ### Why is Mythos the trigger? Mythos is Anthropic’s restricted-access frontier model for cybersecurity work. Anthropic says the model can identify and exploit zero-day vulnerabilities in every major operating system and every major web browser, and that more than 99% of the flaws it found were still unpatched when it wrote about them. That is the nightmare scenario for policymakers — a model that can help defenders first, but could also turbocharge attackers if it spreads too widely. (bloomberg.com) ### Did Anthropic actually release it? Not publicly. Anthropic put Mythos into Project Glasswing on April 7, giving launch partners like AWS, Apple, Google, Microsoft, Nvidia, JPMorganChase, Palo Alto Networks, and the Linux Foundation early access for defensive work. Anthropic also says it extended access to over 40 additional organizations and committed up to $100 million in usage credits plus $4 million in donations to open-source security groups. Basically, the company tried to stage-manage the rollout as a defensive head start, not a general launch. (red.anthropic.com) ### So is the White House really going full regulation? Maybe not. That is the catch. After Hassett’s comments spooked the industry, senior White House officials told Politico that the administration was looking for “partnership” with companies rather than straightforward government regulation, and suggested the tougher rhetoric had been overstated. So the live debate now is not “regulate or don’t regulate.” It is more like: how much leverage does the government want before a model with obvious cyber or biosecurity risk goes public? (anthropic.com) ### Why does this matter beyond Anthropic? Because any real pre-release review system would not stop at one company. The names already in the conversation include OpenAI, Anthropic, and Google. Once the government says some models are too dangerous to ship without testing, frontier AI starts to look less like software you can update overnight and more like critical infrastructure with a gatekeeper in front of it. (politico.com) ### Are experts convinced Mythos changed the game? Not unanimously. Some cybersecurity researchers told CNBC that the core capability — finding vulnerabilities with AI — is already achievable with older public models if you orchestrate them well. In other words, Mythos may have accelerated the policy panic more than it created a wholly new threat. That matters because a vetting regime built around one splashy model could miss the broader reality that dangerous capability is diffusing anyway. (politico.com) ### What does this overturn from before? On January 20, 2025, Trump revoked Biden’s AI executive order, and days later issued a new order aimed at removing barriers to American AI leadership. That move signaled deregulation and speed. The current discussion does not fully reverse that agenda, but it does carve out a big exception: if a model can materially help launch cyberattacks or expose national-security systems, the White House may want review power before release. (cnbc.com) ### Bottom line? The real news is not that Washington suddenly became anti-AI. It is that frontier models have gotten good enough at offensive cyber tasks to make even a pro-speed White House consider a permission slip. Whether that becomes a formal rule or just a pressure campaign is still unresolved — but the old assumption that the biggest labs can ship first and explain later looks a lot weaker now. (politico.com) (csoonline.com)