POLICY
Anthropic Forced Offline After Trump Export Controls Target Foreign Users
Here is the uncomfortable truth sitting at the center of this standoff: the Trump administration may be demanding something that is technically impossible, and Anthropic has no idea how to tell them that without losing the right to operate its most powerful model.
Last week, the administration used export controls to pull Anthropic's Claude Fable 5 off the market, citing concerns that the model could be jailbroken in ways that expose dangerous capabilities related to cybersecurity, chemistry, and biology. The NSA apparently reviewed the model and concluded the guardrails could be disabled by sufficiently motivated users. That finding was enough for the White House to act.
Anthropic pushed back, arguing the jailbreak risks are overstated and the real-world impact is minimal. They made that case directly to the Commerce Department and the Office of the National Cyber Director in a technical meeting this week. The administration's response, essentially: we are done debating severity, just fix it.
The problem is that "fixing it" may not be a real option on the table. Independent security researchers have been making the case for years that AI guardrails are fundamentally a patch job, not a permanent solution. Skilled users will always probe models for weaknesses, and as AI capabilities improve, those probes will get more sophisticated. Telling Anthropic to eliminate jailbreaks entirely is a bit like telling a lock manufacturer to make a lock no one can ever pick. It sounds reasonable until you think about it for more than thirty seconds.
The administration does seem to grasp, at least partially, that it cannot solve this problem itself. Officials were candid that neither the Commerce Department's AI standards body nor the NSA has the bandwidth to monitor every frontier model for every possible exploit. Their ask is that Anthropic take ownership of continuous testing and proactively flag vulnerabilities to the government before they become public problems.
That is a more workable demand than a blanket jailbreak ban, but it still puts Anthropic in a tough spot. The company is now effectively being asked to serve as its own regulator on national security issues, reporting to a government that just yanked its flagship product off the market.
What makes this moment significant beyond Anthropic is the precedent it sets. Fable 5 is the first frontier AI model to be pulled under export control authority over safety concerns. If the administration holds firm and forces Anthropic to build more robust pre-release testing infrastructure before Fable 5 comes back online, every other major AI lab is watching and taking notes.
The White House has not commented publicly. Anthropic has not announced a timeline for getting Fable 5 back online. And the deeper philosophical question, whether any commercial AI model can be made reliably safe against adversarial prompting, remains very much unsettled.
Source: WIRED
SECURITY
Massive Credential Breach Hits NATO, Oracle, FedEx, and Lenovo
Roughly half of every Fortinet firewall visible on the public internet has been compromised, and the attackers did not bother to hide what they found. They just left the credentials sitting on a command-and-control server, which is how a security researcher stumbled across the whole operation.
The scope here is genuinely staggering. Security researcher Bob Diachenko discovered nearly 74,000 compromised Fortinet devices spanning more than 21,000 IP addresses across 194 countries. Among the victims: Oracle, Chevron, Lenovo, FedEx, a NATO defense contractor, and Fortinet itself. The exposed data included not just login credentials in plaintext, but also organizational details like industry, revenue, and employee headcount for each compromised entity.
The attackers, described as Russian-speaking and criminally motivated, ran a methodical operation. They started by mass-scanning the internet for FortiGate remote login endpoints, then deployed a custom tool running 25,000 simultaneous threads to spray those endpoints with credential combinations at industrial scale. Once inside, they did not stop at the firewall. They moved laterally into centralized authentication systems, including Microsoft Active Directory and Radius servers, meaning they effectively owned the keys to entire corporate networks.
From there, the group ran intercepted SSL VPN authentication hashes through a dedicated 45-GPU cracking cluster to recover plaintext passwords. That is not the work of opportunistic script kiddies. That is a well-resourced operation with purpose-built infrastructure and a clear monetization strategy.
As of Wednesday morning, independent researcher Kevin Beaumont reported that almost all of the compromised devices were still online. He also confirmed with multiple affected organizations that the credentials in the leaked data are real and current. That last detail is the one that should be keeping IT teams up at night.
Fortinet firewalls are the kind of infrastructure that organizations deploy precisely because they are supposed to be the hard outer shell protecting everything inside. When the shell cracks at this scale, the damage is not just technical. It is a cascading loss of trust in the entire network perimeter model that most enterprise security teams are built around.
Hudson Rock, the security firm that independently analyzed the breach data, put it bluntly: the attackers have assembled a verified, working credential database for some of the largest enterprises on the planet. That database does not expire the moment it becomes public. Every organization in those logs needs to assume their credentials are actively being used right now and act accordingly.
The immediate advice from every researcher involved is consistent: audit your Fortinet devices, rotate credentials, and check your Active Directory logs for unusual lateral movement. The longer-term lesson is harder to act on but more important. A breach that touches NATO contractors, global logistics networks, and enterprise software giants simultaneously is not a fluke. It is a demonstration of what happens when patch cycles lag and credential hygiene slips at organizational scale.
Source: Ars Technica