{"slug": "policy-pulse-issue-21-week-of-june-27-2026", "title": "Policy Pulse – Issue #21 – Week of June 27, 2026", "summary": "The US Commerce Department partially lifted its export control suspension on Anthropic's Mythos 5 AI model, clearing it for over 100 critical-infrastructure organizations while keeping Fable 5 blocked. The move echoes the Wassenaar Arrangement debate, raising concerns about transparency and the impact on vulnerability disclosure and security research.", "body_md": "# Policy Pulse - Issue #21 | Week of June 27, 2026\n\nCommerce clears Anthropic's Mythos 5 for 100-plus US critical-infrastructure orgs while Fable 5 stays blocked, and the export-control fight is starting to rhyme with Wassenaar. Plus the post-quantum EO and four max-severity KEV adds.\n\n*Your weekly briefing on cybersecurity policy affecting vulnerability disclosure and security research.*\n\n### Top Story\n\n**Fifteen days after export control pulled Anthropic's offensive cyber models, the government issued a partial reprieve: Mythos 5 is cleared for about 100 named US critical-infrastructure organizations, Fable 5 stays blocked, and the whole episode is starting to rhyme with the Wassenaar fight the security community already won once.**\n\nOn June 26, Commerce Secretary Howard Lutnick sent Anthropic a letter lifting part of the June 12 suspension. Lutnick wrote that he had \"determined that appropriate safeguards are in place to permit certain trusted partners to access the Claude Mythos 5 Model,\" clearing it for roughly 100-plus US organizations that operate and defend critical infrastructure ([TechCrunch](https://techcrunch.com/2026/06/26/trump-admin-releases-anthropic-mythos-to-be-used-by-more-than-100-us-companies-agencies/?ref=blog.disclose.io), [Semafor](https://www.semafor.com/article/06/27/2026/us-releases-powerful-anthropic-model-mythos-to-some-us-companies?ref=blog.disclose.io)). 
Fable 5, the general-availability model, was not addressed in the letter and remains blocked, and the list of approved organizations has not been made public ([Semafor](https://www.semafor.com/article/06/27/2026/us-releases-powerful-anthropic-model-mythos-to-some-us-companies?ref=blog.disclose.io)). The original directive came after the government concluded a jailbreak method had been found, a finding Anthropic disputed at the time as \"a narrow potential jailbreak\" not worthy of recalling a model \"deployed to hundreds of millions of people\" ([Anthropic](https://www.anthropic.com/news/fable-mythos-access?ref=blog.disclose.io)).\n\nStrip away the AI novelty and the shape of this is familiar. In 2013 the Wassenaar Arrangement, the multilateral export-control regime, added \"intrusion software\" to its dual-use control list. When the US Commerce Department proposed implementing rules in 2015, the security community realized the definitions were broad enough to sweep up the everyday tools and exploit code that defenders, researchers, and incident responders depend on, treating a penetration test like a weapons shipment. Companies including Google and Facebook objected that the controls would hit penetration testing, threat-information sharing, and bug bounty programs ([Wassenaar Arrangement](https://en.wikipedia.org/wiki/Wassenaar_Arrangement?ref=blog.disclose.io)). The proposal was not adopted as written, and the control language was later renegotiated to add end-use exemptions for vulnerability disclosure and incident response ([Wikipedia: Katie Moussouris](https://en.wikipedia.org/wiki/Katie_Moussouris?ref=blog.disclose.io)). The thing that saved defensive security was not the absence of controls. It was a transparent, technically grounded carve-out won by experts who got in the room.\n\nThat is the lens to hold over the Mythos episode. 
Export control is once again the lever pointed at a dual-use capability, except this time it moved first and asked questions later: a deployed model recalled in 72 hours, restored two weeks later only for a secret list of approved organizations, with no published technical threshold and no visible appeal. Wassenaar took four years and a public fight to get to a workable carve-out. The AI version is running that same loop at compressed speed, and so far without the transparency that made the first one survivable.\n\n**Why it matters for VDP:** The disclosure community has lived through exactly this movie, and the ending was good only because the technical line between offense and defense was drawn in the open. An export-control regime that decides case by case, behind a sealed annex, which organizations may use a defensive AI capability is a regime that can quietly redraw that line against researchers and tool vendors. The lesson from Wassenaar is that the carve-out has to be fought for early and in public, not assumed.\n\n*Throwback: In Issue #20 we called the June 12 recall the first government recall of a deployed frontier cyber model and flagged that it ran through export control rather than any disclosure standard. The June 26 partial reprieve confirms the pattern: the governance of offensive-capable AI is now an export-control story, and the disclosure community is downstream of every move.*\n\n### Upcoming Deadlines & Events\n\n- **July 2, 2026**: NIST SP 800-228A (Guidelines for Secure Deployment of RESTful Web APIs) public comment closes. APIs are the dominant modern bug-bounty target class. ([NIST CSRC](https://csrc.nist.gov/pubs/sp/800/228/a/ipd?ref=blog.disclose.io))\n- **~July 2, 2026 (EO 14409 +30 days)**: CISA Binding Operational Directives (Sec 2(c)) and the Treasury-led AI cybersecurity clearinghouse (Sec 2(d)) are due. 
([White House](https://www.whitehouse.gov/presidential-actions/2026/06/promoting-advanced-artificial-intelligence-innovation-and-security/?ref=blog.disclose.io))\n- **July 6, 2026**: NIST IR 8323r2 (PNT/GPS resilience profile, rebuilt on Cybersecurity Framework 2.0) public comment closes. ([NIST CSRC](https://csrc.nist.gov/pubs/ir/8323/r2/ipd?ref=blog.disclose.io))\n- **July 8, 2026**: NIST SP 1800-41 (Responding to and Recovering from a Cyber Attack, Manufacturing Sector) public comment closes. ([NIST CSRC](https://csrc.nist.gov/pubs/sp/1800/41/ipd?ref=blog.disclose.io))\n- **July 25, 2026**: NIST must submit a formal action plan responding to the Commerce OIG report on its management of the National Vulnerability Database. ([Help Net Security](https://www.helpnetsecurity.com/2026/06/01/nist-nvd-management-problems/?ref=blog.disclose.io))\n- **August 24, 2026**: Petitions for new and renewal DMCA Section 1201 exemptions are due in the Copyright Office's tenth triennial rulemaking. The good-faith security-research exemption is in play for 2027 through 2030. ([Copyright Office](https://www.copyright.gov/1201/2027/?ref=blog.disclose.io))\n- **September 11, 2026**: EU Cyber Resilience Act reporting obligations go live, including a 24-hour early-warning clock for actively exploited vulnerabilities. ([ENISA](https://www.enisa.europa.eu/topics/product-security-and-certification/single-reporting-platform-srp?ref=blog.disclose.io))\n- **September 28, 2026**: Written comments on DMCA Section 1201 renewal petitions due. ([Copyright Office](https://www.copyright.gov/1201/2027/?ref=blog.disclose.io))\n- **December 31, 2030 / 2031**: Under EO 14412, federal High Value Assets must migrate to post-quantum cryptography for key establishment (2030) and digital signatures (2031). 
([Federal Register](https://www.federalregister.gov/documents/2026/06/25/2026-12909/securing-the-nation-against-advanced-cryptographic-attacks?ref=blog.disclose.io))\n\n### This Week in Policy\n\n#### Federal Strategy & Regulation\n\n**Trump signs the post-quantum cryptography executive order, and the migration surface is now a disclosure surface.** On June 22, the President signed Executive Order 14412, \"Securing the Nation Against Advanced Cryptographic Attacks,\" directing federal agencies to move High Value Assets to post-quantum cryptography for key establishment by December 31, 2030 and for digital signatures by December 31, 2031, with a companion procurement rule pulling federal contractors onto the same clock ([Federal Register](https://www.federalregister.gov/documents/2026/06/25/2026-12909/securing-the-nation-against-advanced-cryptographic-attacks?ref=blog.disclose.io), [CyberScoop](https://cyberscoop.com/trump-executive-order-post-quantum-encryption-deadline/?ref=blog.disclose.io)). 
For the disclosure community the second-order effect is the story: years of rushed PQC library swaps across government and its supply chain mean a fresh, large class of cryptographic-implementation bugs is about to enter intake queues, and most VDP programs have no PQC-specific triage path yet.\n\n#### CVE & Vulnerability Programs\n\n**CISA adds four actively exploited edge-device flaws to KEV, two rated CVSS 10.0.** On June 23, CISA cataloged three Ubiquiti UniFi OS vulnerabilities (CVE-2026-34908 improper access control, CVE-2026-34909 path traversal, CVE-2026-34910 command injection) plus CVE-2025-67038, a root-level code-injection bug in the Lantronix EDS5000 (CVSS 9.8), with a federal remediation deadline of June 26 ([CISA](https://www.cisa.gov/news-events/alerts/2026/06/23/cisa-adds-four-known-exploited-vulnerabilities-catalog?ref=blog.disclose.io), [The Hacker News](https://thehackernews.com/2026/06/cisa-warns-critical-lantronix-eds5000.html?ref=blog.disclose.io), [Security Affairs](https://securityaffairs.com/194142/security/u-s-cisa-adds-ubiquiti-unifi-os-and-lantronix-eds5000-plugin-flaws-to-its-known-exploited-vulnerabilities-catalog.html?ref=blog.disclose.io)). Two of the UniFi flaws (CVE-2026-34908 and CVE-2026-34910) carry maximum CVSS 10.0 scores. Internet-facing, exploit-automatable edge gear is exactly the class that floods inbound VDP queues, and the three-day deadline is a useful triage-priority signal for any program scoping these vendors.\n\n**NVD will not enrich its pre-March 2026 backlog.** NVD has moved all CVEs published before March 1, 2026 to \"Not Scheduled,\" meaning the large pre-March backlog will not receive routine enrichment as NIST shifts to a selective model that prioritizes KEV-listed, critical-infrastructure, and federal-impact CVEs ([Infosecurity Magazine](https://www.infosecurity-magazine.com/news/nvd-enrichment-premarch-2026/?ref=blog.disclose.io)). 
Handlers can no longer assume an older CVE will ever carry authoritative CVSS or CWE metadata. Programs that key SLAs off NVD enrichment need a fallback to CNA data or alternative feeds.\n\n#### AI & Emerging Tech Security\n\n**The Mythos partial reprieve is the AI story of the week** (see Top Story). The short version for program operators: a defensive-capable model is back in limited, gated US deployment, the broad model is still dark, and the governance vehicle remains export control rather than any disclosure or coordination framework.\n\n#### Legal & Researcher Protections\n\n**A quiet docket keeps the August DMCA 1201 deadline as the live event.** No new CFAA reform bill, DOJ charging-guidance change, or in-window security-research ruling surfaced between June 20 and 27. The standing catalyst is unchanged: petitions to renew and expand the good-faith security-research exemption under DMCA Section 1201 are due August 24 in the Copyright Office's tenth triennial rulemaking, the file-or-lose moment for the 2027 through 2030 exemption term ([Copyright Office](https://www.copyright.gov/1201/2027/?ref=blog.disclose.io)).\n\n#### International Developments\n\n**EU CRA reporting go-live is now under three months out.** The Cyber Resilience Act's vulnerability and incident reporting obligations begin September 11, including a 24-hour early-warning clock for actively exploited vulnerabilities filed through ENISA's Single Reporting Platform ([ENISA](https://www.enisa.europa.eu/topics/product-security-and-certification/single-reporting-platform-srp?ref=blog.disclose.io)). 
Any vendor or coordinator touching the EU market should be pressure-testing its 24/72-hour reporting workflow now, because the clock is mandatory and short.\n\n### Worth Reading\n\n- [Semafor: US releases powerful Anthropic model Mythos to some US companies](https://www.semafor.com/article/06/27/2026/us-releases-powerful-anthropic-model-mythos-to-some-us-companies?ref=blog.disclose.io): A clean account of what the June 26 Lutnick letter does and does not cover, including the still-blocked status of Fable 5 and the confidential approved-organization list.\n- [CyberScoop: Trump executive orders speed up post-quantum migration](https://cyberscoop.com/trump-executive-order-post-quantum-encryption-deadline/?ref=blog.disclose.io): The practical read on the new post-quantum executive order and how it accelerates the federal migration timeline.\n- [The Hacker News: CISA warns critical Lantronix EDS5000 flaw is being actively exploited](https://thehackernews.com/2026/06/cisa-warns-critical-lantronix-eds5000.html?ref=blog.disclose.io): Useful technical detail on the week's KEV additions if you triage edge-device reports.\n\n### Friends of disclose.io\n\n**Katie Moussouris: the person who already won the export-control fight once**\n\nThis week's top story draws a line from the Mythos export-control episode back to the Wassenaar Arrangement, and it is impossible to tell the Wassenaar story honestly without Katie Moussouris in it. 
Founder and CEO of Luta Security, co-author and co-editor of ISO/IEC 29147 and 30111 (the international standards that define how the world does coordinated vulnerability disclosure), and the architect of both Microsoft's first bug bounty and Hack the Pentagon, Moussouris also worked with the US government to renegotiate the Wassenaar intrusion-software language so that vulnerability disclosure and incident response were protected rather than swept up as controlled munitions ([Luta Security](https://www.lutasecurity.com/founder-ceo?ref=blog.disclose.io), [Wikipedia](https://en.wikipedia.org/wiki/Katie_Moussouris?ref=blog.disclose.io)).\n\nThat history is not a museum piece this week, it is the playbook. The reason defenders can still trade exploit code and run cross-border incident response is that experts engaged the export-control process early, in public, and on technical terms. Moussouris has spent 2026 making the same argument about AI: in June she helped review the security research behind Anthropic's models and backed the open letter opposing the government's export controls on them, arguing that the capability to ask an AI to \"fix this code\" is fundamentally defensive and cannot be cleanly walled off ([Fortune](https://fortune.com/2026/06/15/fix-this-code-three-words-behind-us-government-shut-down-anthropic-fable-mythos-ai-models-katie-moussouris-open-letter/?ref=blog.disclose.io)). It is the Wassenaar lesson restated for the model era.\n\nShe was also one of the defining voices during the 2025 CVE funding crisis, warning that an abrupt halt would be like \"depriving the cybersecurity industry of oxygen and expecting it to spontaneously sprout gills\" ([The Register](https://www.theregister.com/2025/04/16/homeland_security_funding_for_cve/?ref=blog.disclose.io)). 
Across export control, standards, and core infrastructure, her through-line is the one disclose.io exists to defend: defenders need access, openness, and legal safety to do the work.\n\n**Why her work matters this week:**\n\n- She turned a near-disaster for security research (the 2015 Wassenaar implementation proposal) into a workable carve-out, the exact outcome the AI export-control track now needs.\n- Her standards work (ISO 29147 and 30111) is the coordination backbone every VDP program runs on.\n- In 2026 she has been the go-to expert connecting AI capability policy back to coordinated disclosure, the precise intersection this issue is about.\n\n*The week's top story is an export-control fight over an AI model. The reassuring part is that the community has run this exact play before and won it, and the person who helped win it is still in the room.*\n\n*Policy Pulse is a weekly bulletin from disclose.io. Keeping the security research community informed on policy that affects our work.*\n\n*Have a tip or want to contribute? Reply to this email, reach out on Twitter/X, or drop a comment here!*", "url": "https://wpnews.pro/news/policy-pulse-issue-21-week-of-june-27-2026", "canonical_source": "https://blog.disclose.io/policy-pulse-issue-21-week-of-june-27-2026/", "published_at": "2026-06-28 11:46:03+00:00", "updated_at": "2026-06-28 12:05:18.047657+00:00", "lang": "en", "topics": ["ai-policy", "ai-safety", "artificial-intelligence", "ai-ethics"], "entities": ["Anthropic", "Commerce Department", "Howard Lutnick", "Mythos 5", "Fable 5", "Wassenaar Arrangement", "Google", "Facebook"], "alternates": {"html": "https://wpnews.pro/news/policy-pulse-issue-21-week-of-june-27-2026", "markdown": "https://wpnews.pro/news/policy-pulse-issue-21-week-of-june-27-2026.md", "text": "https://wpnews.pro/news/policy-pulse-issue-21-week-of-june-27-2026.txt", "jsonld": "https://wpnews.pro/news/policy-pulse-issue-21-week-of-june-27-2026.jsonld"}}