White House Considers AI Model Oversight as Cybersecurity Concerns Mount
The Trump administration is weighing stricter oversight of American AI models over concerns about their hacking capabilities, marking a shift from its earlier light-touch approach to AI regulation. The administration wants to establish a group of tech executives and government officials to propose oversight procedures for new AI model releases, with options including formal government review processes.
The move comes as cybersecurity authorities worldwide prepare for the impact of increasingly capable models. Last week, the U.K.'s National Cyber Security Centre warned of an impending "vulnerability patch wave" as AI systems find and fix security flaws that have accumulated over decades.
Two Companies, Two Different Release Strategies
Anthropic and OpenAI have taken opposing approaches to managing the risks posed by their latest models. Anthropic released Mythos Preview to a limited number of trusted organizations through its Project Glasswing initiative, giving them early access to find and patch vulnerabilities before broader release. Mozilla reported fixing 271 Firefox vulnerabilities after gaining access.
OpenAI released GPT5.5 to all customers and instead relied on model safeguards to prevent disclosure of zero-day exploits. Users in cybersecurity roles can verify their identity with OpenAI to reduce restrictions on the model's capabilities.
The White House has opposed Anthropic's plan to expand Mythos access to 70 additional companies, according to the Wall Street Journal. The administration has made no similar pronouncements about GPT5.5, despite the U.K.'s AI Security Institute finding that it may actually outperform Mythos at cybersecurity tasks.
The Limitation of Access Controls
Restricting access to frontier models may provide less protection than policymakers expect. Last week, a former Google Distinguished Engineer demonstrated that older commercial and open-weight models can independently rediscover vulnerabilities found by newer systems when used with proper techniques.
This suggests that holding back advanced models for 90 days of government-approved review will have limited impact on overall vulnerability discovery rates. The capability to find zero-days is spreading across the AI ecosystem faster than access controls can contain it.
A better approach may be for the government to observe and gather data before imposing rules. Questions that need answers: How many zero-day vulnerabilities does each new model release uncover? What are their severity scores? Are vendors actually patching the bugs? How capable are older and open-weight models at finding vulnerabilities? The government lacks the information needed to regulate effectively.
Australia's Cyber Review Board Hampered by Liability Restrictions
Australia announced a new Cyber Incident Review Board this week to conduct post-incident reviews of significant cybersecurity incidents. The timing is relevant given AI's emerging role in novel attack methods.
The board's effectiveness will be limited by legislation that prohibits it from apportioning blame or determining liability. This prevents the board from identifying when poor security decisions by organizations contributed to incidents.
Compare this to the U.S. Cyber Safety Review Board, which excoriated Microsoft for a "cascade of security failures" in its recent report. That direct criticism prompted Microsoft's CEO to declare security a top priority company-wide and served as a warning to other organizations.
Australia's transport safety investigations operate differently. They can apportion blame while maintaining liability protections through legislation stating that reports "are not admissible in evidence in any civil or criminal proceedings." This single change makes investigations far more effective at driving organizational change.
Elsewhere This Week
- Supply chain attack on DAEMON Tools: The popular CD and USB burning software has been shipping with a backdoor since at least April 8. Installers signed with the vendor's legitimate certificate suggest deep access to the developer's internal systems. The backdoor collects machine data including MAC address, hostname, and installed software lists.
- DigiCert compromised via screensaver file: An attacker gained access to DigiCert's backend and stole 27 code signing certificates. The breach traced back to social engineering that convinced tech support staff to run an SCR screensaver file.
- Moldova healthcare database breached: A hacking group stole personal and financial information from Moldova's national healthcare database. The extent of data destruction remains unclear after conflicting statements from officials.
- Google changes vulnerability reward programs: Google announced changes reflecting AI's impact on bug discovery. The program now rewards reports that are both impactful and difficult for automated tools to find. A full chain Pixel Titan M2 compromise pays up to $1.5 million.
- U.S. and China collaborate on scam takedown: Coordinated action led to more than 270 arrests and dismantled nine cryptocurrency investment scam centers in Dubai.
- Elections Canada watermarks electoral lists: The agency inserts bogus data into distributed electoral lists to trace leaks to their source, a technique that successfully identified the origin of a recent unauthorized release.
- FTC bans sensitive location data sales: Data broker Kochava agreed to stop sharing or selling precise geolocation data without consent, including locations of places of worship and health clinics.
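The Elections Canada item above describes a leak-tracing technique (seeding each distributed copy of a list with a few fictional entries, then matching the entries found in a leaked copy back to the recipient that received them). As an added illustration, not code from Elections Canada or anything described on the page, the Python below implements that idea end to end: a constructed four-entry sample list, per-recipient canary records derived from an HMAC so they can be regenerated later without storing every distributed copy, and an attribution step that scores a leaked list against each known recipient. Names, the secret, and the recipient identifiers are all constructed for the example.

```python
import hashlib
import hmac

# Constructed sample "electoral list" of fictional entries (stands in for the real list).
BASE_LIST = [
    {"name": "Ana Sample", "address": "12 Example Ave"},
    {"name": "Ben Sample", "address": "3 Example Ave"},
    {"name": "Chloe Sample", "address": "41 Example Ave"},
    {"name": "Dev Sample", "address": "7 Example Ave"},
]

# Name parts reserved for canary entries; kept disjoint from the surnames in the
# real list so a canary can never be confused with a genuine record.
FIRST = ["Avery", "Blake", "Casey", "Drew", "Emery", "Finley", "Harper", "Jordan"]
LAST = ["Ashgrove", "Brightwater", "Coldfell", "Dunmore",
        "Eastwick", "Fairholm", "Glenmark", "Hollowby"]


def canary_record(secret: bytes, recipient_id: str, index: int) -> dict:
    """Derive one fictional entry for a recipient from an HMAC over the recipient id.

    Because the entry is a pure function of (secret, recipient, index), the
    issuer can regenerate it at attribution time instead of archiving every
    distributed copy of the list."""
    msg = f"{recipient_id}:{index}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    name = f"{FIRST[digest[0] % len(FIRST)]} {LAST[digest[1] % len(LAST)]}"
    number = int.from_bytes(digest[2:4], "big") % 900 + 100
    return {"name": name, "address": f"{number} Marker Lane"}


def watermark_list(base: list, secret: bytes, recipient_id: str, n_canaries: int = 3) -> list:
    """Return a copy of the list for one recipient with its canaries blended in."""
    records = list(base) + [canary_record(secret, recipient_id, i) for i in range(n_canaries)]
    # Sort so the canaries are interleaved with real records rather than appended at the end.
    records.sort(key=lambda r: (r["name"], r["address"]))
    return records


def attribute_leak(leaked: list, secret: bytes, recipients: list, n_canaries: int = 3):
    """Score a leaked list against every known recipient.

    Returns (best_recipient, scores); best_recipient is None when no canary
    from any recipient is present, e.g. the leak is the unwatermarked original."""
    leaked_keys = {(r["name"], r["address"]) for r in leaked}
    scores = {}
    for rid in recipients:
        canaries = (canary_record(secret, rid, i) for i in range(n_canaries))
        scores[rid] = sum((c["name"], c["address"]) in leaked_keys for c in canaries)
    best = max(scores, key=scores.get)
    if scores[best] == 0:
        return None, scores
    return best, scores


if __name__ == "__main__":
    secret = b"constructed-secret-do-not-reuse"
    recipients = ["party-a", "party-b", "press-outlet"]
    # Each recipient gets its own watermarked copy; here we pretend party-b's copy leaked.
    leaked_copy = watermark_list(BASE_LIST, secret, "party-b")
    print(attribute_leak(leaked_copy, secret, recipients))
```

Because attribution counts matching canaries rather than requiring all of them, a partial leak (a subset of rows) still points at the right recipient as long as at least one canary survived; the score also gives a sense of confidence, and a zero score for every recipient means the leaked copy was not one of the watermarked ones.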