Policy Pulse – Issue #21 – Week of June 27, 2026


Your weekly briefing on cybersecurity policy affecting vulnerability disclosure and security research.

Top Story

Fifteen days after export control pulled Anthropic's offensive cyber models, the government issued a partial reprieve: Mythos 5 is cleared for about 100 named US critical-infrastructure organizations, Fable 5 stays blocked, and the whole episode is starting to rhyme with the Wassenaar fight the security community already won once.

On June 26, Commerce Secretary Howard Lutnick sent Anthropic a letter lifting part of the June 12 suspension. Lutnick wrote that he had "determined that appropriate safeguards are in place to permit certain trusted partners to access the Claude Mythos 5 Model," clearing it for roughly 100-plus US organizations that operate and defend critical infrastructure (TechCrunch, Semafor). Fable 5, the general-availability model, was not addressed in the letter and remains blocked, and the list of approved organizations has not been made public (Semafor). The original directive came after the government concluded a jailbreak method had been found, a finding Anthropic disputed at the time as "a narrow potential jailbreak" not worthy of recalling a model "deployed to hundreds of millions of people" (Anthropic).

Strip away the AI novelty and the shape of this is familiar. In 2013 the Wassenaar Arrangement, the multilateral export-control regime, added "intrusion software" to its dual-use control list. When the US Commerce Department proposed implementing rules in 2015, the security community realized the definitions were broad enough to sweep up the everyday tools and exploit code that defenders, researchers, and incident responders depend on, treating a penetration test like a weapons shipment. Companies including Google and Facebook objected that the controls would hit penetration testing, threat-information sharing, and bug bounty programs (Wassenaar Arrangement). The proposal was not adopted as written, and the control language was later renegotiated to add end-use exemptions for vulnerability disclosure and incident response (Wikipedia: Katie Moussouris). The thing that saved defensive security was not the absence of controls. It was a transparent, technically grounded carve-out won by experts who got in the room.

That is the lens to hold over the Mythos episode. Export control is once again the lever pointed at a dual-use capability, except this time it moved first and asked questions later: a deployed model recalled in 72 hours, restored two weeks later only for a secret list of approved organizations, with no published technical threshold and no visible appeal. Wassenaar took four years and a public fight to get to a workable carve-out. The AI version is running that same loop at compressed speed, and so far without the transparency that made the first one survivable.

Why it matters for VDP: The disclosure community has lived through exactly this movie, and the ending was good only because the technical line between offense and defense was drawn in the open. An export-control regime that decides case by case, behind a sealed annex, which organizations may use a defensive AI capability is a regime that can quietly redraw that line against researchers and tool vendors. The lesson from Wassenaar is that the carve-out has to be fought for early and in public, not assumed.

Throwback: In Issue #20 we called the June 12 recall the first government recall of a deployed frontier cyber model and flagged that it ran through export control rather than any disclosure standard. The June 26 partial reprieve confirms the pattern: the governance of offensive-capable AI is now an export-control story, and the disclosure community is downstream of every move.

Upcoming Deadlines & Events

July 2, 2026: NIST SP 800-228A (Guidelines for Secure Deployment of RESTful Web APIs) public comment closes. APIs are the dominant modern bug-bounty target class. (NIST CSRC)

~July 2, 2026 (EO 14409 +30 days): CISA Binding Operational Directives (Sec 2(c)) and the Treasury-led AI cybersecurity clearinghouse (Sec 2(d)) are due. (White House)

July 6, 2026: NIST IR 8323r2 (PNT/GPS resilience profile, rebuilt on Cybersecurity Framework 2.0) public comment closes. (NIST CSRC)

July 8, 2026: NIST SP 1800-41 (Responding to and Recovering from a Cyber Attack, Manufacturing Sector) public comment closes. (NIST CSRC)

July 25, 2026: NIST must submit a formal action plan responding to the Commerce OIG report on its management of the National Vulnerability Database. (Help Net Security)

August 24, 2026: Petitions for new and renewal DMCA...
