— We cannot afford to depend on others for the technologies that keep our hospitals running, our energy grids stable and our services secure, Commission President, Ursula von der Leyen says in a statement.
Continue reading “The EU plans for «technological sovereignty» with huge investments”
The new order, released on June 2, reduces the voluntary sharing window to 30 days, waxes poetic about unleashing innovation in the AI labs, and says they make the USA stronger. It also says that capabilities have evolved to a point where national security becomes an issue.
Continue reading “The Trump White House releases long awaited Executive Order on AI”
The move comes after seeing the astronomical wages being offered for valuable AI competence by US labs, such as Meta, Bloomberg writes, but notes that China sees AI labs as a strategic asset and are concerned about data leaks.
The previous policy included restrictions for individuals that were senior researchers in education, nuclear scientists and top executives of government companies, Tom’s Hardware writes.
Before this, AI workers on the list only had to report where they were traveling, but did not have to ask for specific permission.
The new rules might inspire early-stage talent with international ambitions to leave the country before getting added to the list, and dissuade overseas talent from moving home to China, Bloomberg says.
Read more: Bloomberg, Tom’s Hardware, and The Decoder.
— Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it’s limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI, Anthropic says.
Of those vulnerabilities, 6,202 were serious finds in open source software, where Anthropic has partnered with «more than 1,000» projects. Mythos actually found 23,019 bugs, but most were estimated at medium or low severity.
— Models with similar cybersecurity skills to Mythos Preview will soon be more broadly available, says Anthropic.
— There is a clear need for a larger effort across the software industry to manage the volume of findings that these models will generate.
Therefore, Anthropic is widening the release of Mythos, making it available to «qualifying» security teams «on request.» In the future, they say they hope to develop safeguards strong enough to make it generally available, but no such safety features exist as of today.
Read more: Anthropic’s findings and Engadget. Discussion on r/cybersecurity
Donald Trump declared that «I don’t like certain aspects of it,» and said that the USA is «leading China, we’re leading on everybody» and that he doesn’t want to get in the way of that.
The draft order was designed to appease «doomers» within the Trump coalition who were worried about the advanced capabilities of some models that might pose serious cybersecurity risks.
One of the provisions was to have AI labs «voluntarily» submit their models to the government for review 90 days in advance, and also give access to «critical infrastructure providers,» Reuters reported.
DeepMind CEO Demis Hassabis reckoned in January that China is «just months» behind the US in capabilities, and many advocates said the provision could hurt this competitiveness.
The order is now indefinitely postponed, but The White House has other AI security initiatives in the works, Axios reports.
Read more: Axios, Reuters, Washington Post (paywalled), and The NYT (paywalled).
— Daybreak combines the intelligence of OpenAI models, the extensibility of Codex as an agentic harness, and our partners across the security flywheel to help make the world safer for everyone, OpenAI writes.
The more advanced models require a screening of users, and the better they get, the more serious the vetting.
— Because those same capabilities can be misused, Daybreak pairs expanded defensive capability with trust, verification, proportional safeguards, and accountability.
Also new is that OpenAI now offers a vulnerability scan as a way into the ecosystem, available for businesses of all sizes and systems.
Read more: OpenAI’s presentation, The Verge.
But as of Claude Haiku 4.5, from October 2024, blackmail is no longer an issue, Anthropic says.
They believe they traced the issues to internet text portraying AI as evil and self-preserving, but honestly, that is a fairly common cultural trope.
Reinforcement training didn’t help the issue, training on «examples of safe behavior» didn’t work — but introducing a dataset of ethically challenging situations did.
Then they introduced lots of fictional stories of AI behaving in aligned ways and further dropped the blackmail instances by a factor of three, then adding system prompts targeting «harmlessness» did the rest.
Anthropic does say that this does not eliminate the risk entirely: «our auditing methodology is not yet sufficient to rule out scenarios in which Claude would choose to take catastrophic autonomous action.»
Read more: Anthropic’s research, on X.com, TechCrunch, and Business Insider.
The security industry is entering a period of compression. Model cybersecurity capabilities are rapidly increasing, and it's critical we arm defenders with the tools they need to protect what matters most.
We're launching two models today:
GPT-5.5 with TAC (Trusted Access for…
— DANΞ (@cryps1s) May 7, 2026
Two models models are launching today; GPT-5.5 with «Trusted Access for Cyber» that requires some vetting to get into. It can handle defensive security, do code review, malware analysis and patch validation.
GPT-.5.5-Cyber requires stronger verification and does specialized workflows, red teaming, penetration testing and controlled validation.
GPT-5.5 Cyber was earlier found on par with Anthropic’s Mythos model, that has been spooking the establishment lately.
The vetting approach for the Cyber model has been «informed by conversations with cybersecurity and national security leaders across federal and state government and major commercial entities,» OpenAI says.
Read more: OpenAI’s blog, CNBC, Axios.
These models have both been limited for their ability in cybersecurity, and point to a not-so-distant future where such capabilities might be widely available.
To that end, the White House’s Office of the National Cyber Director held all of two meetings last week, with tech and cyber companies on the one hand and with trade groups in tech on the other, according to Axios.
The ONCD has also been discussing safety testing for federal AI deployments, by assessing the security exposure of AI models before rolling out to the public sector.
The NYT reported on this first, and is saying that there might be a safety review for new models, while giving the Pentagon the first shot at eventual «useful» cyber capabilities, but would not block their release.
Any discussion on «potential executive orders is speculation,» a White House official told Axios.
Read more: Axios and the New York Times.
The paper probes «vulnerability research and exploitation against realistic targets and modern mitigations» through rigorous tests, and found GPT-5.5 had a pass rate of 71.4%, compared to Mythos’ 68.6% on the most advanced evaluations.
According to the AISI, their test suite proves that Mythos is not a one-off act of brilliance, but part of a wider trend for frontier models. They say «we should expect further increases in cyber capability from models in the near future, potentially in quick succession.»
At the same time, Sam Altman posted on x.com that OpenAI will indeed follow Anthropic’s lead on limiting access to GPT-5.5-Cyber to «critical cyber defenders:»
— We will work with the entire ecosystem and the government to figure out trusted access for cyber; we want to rapidly help secure companies/infrastructure, Altman wrote.
Read more: The AI Security Institute, Altman’s x post, TechCrunch. Discussion on r/Singularity.
— We’re investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments, Anthropic tells TechCrunch.
The group is part of a Discord channel focused on finding information on unreleased models, and made some educated guesses as to where the model would be located. They also had some help from a member whose job gave him access.
As for the warnings of dangerous fallout from public access to the model, the group says they are only interested in «playing around with new models,» not «wreaking havoc,» Gizmodo says, but the «hack» itself will raise concern in the security sector.
Read more: Bloomberg (paywalled), TechCrunch, and Gizmodo.
— For a hardened target, just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up, Mozilla writes in their blog.
The upshot is that the 271 bugs mean that the company can approach security «much better than just keeping up», and that «defenders finally have a chance to win, decisively.»
— We have many years of experience picking apart the work of the world’s best security researchers, and Mythos Preview is every bit as capable, Mozilla continues.
They used Claude Opus 4.6 to find 22 bugs back in March, but this Mythos-powered bug hunt was so large it left them with a feeling akin to vertigo, they say.
Read more: Mozilla’s blog, interview on Wired, writeups on Ars Technica and Engadget.
— Over time, it helps Codex learn how you work: the tools you use, the projects you return to, and the workflows you rely on, OpenAI croons on x.com.
The point is to learn even more detail about you, from how you prefer your code to the tools and apps you use to perform. This can then later be recalled by Codex.
Notwithstanding the privacy concerns from Windows Recall, which also uses AI to take and store screenshots of your desktop, OpenAI is warning that the screenshots are even stored unencrypted on your computer.
They also warn that it eats up rate limits quickly, is very prone to prompt injection attacks and is only available on the $200 Pro subscription, as a research preview on macOS. Once enabled, it can be paused at any time in a menu item.
Read more: Announcement post, OpenAI support page, Aakash Gupta on x.com, 9to5Mac.
The model was deemed too dangerous to be released, but is available to about 40 select organizations through Project Glasswing, which uses its advanced cyber capabilities to scan for exploits and vulnerabilities — before the rest of the world catches up.
This is in spite of a Trump government ban on Anthropic and it being labeled a national security threat by the DoD this February after refusing to comply with Pentagon demands.
Anthropic held a meeting with the White House this Friday, said to be «productive and constructive,» Reuters reports.
These kinds of tasks would normally get refusals for security reasons, but with Cyber access, developers can go as far as reverse engineering entire apps to poke for bugs.
The model is based on ChatGPT-5.4, but OpenAI says they are expanding the entire Cyber program now «in preparation for increasingly capable models over the next few months […] whose capabilities will rapidly exceed even the best purpose-built models of today.»
The release comes hot on the heels of Anthropic’s Mythos model and «Project Glasswing,» said to be so advanced they won’t release the full model.
To get access to GPT-5.4-Cyber, you have to first verify that you are a cybersecurity professional with OpenAI, and even then you might get «limited» access based on a tier system.
Read more: OpenAI’s announcement, Reuters and Axios.