David Sacks

Some recent articles have created a misleading narrative that I did not take Mythos seriously or tried to downplay the cyber threat. This is based on egregious cherry-picking of my comments and (since the real target is the Trump Administration) needs to be corrected. When Mythos Preview first launched, I pointed out that Anthropic has a history of scare tactics, but then immediately went on to say that “we have no choice but to take this seriously” and that every CISO and IT department should move quickly to harden systems against AI-powered cyberattacks. Here’s what I said on the April 10 All-In Podcast (3 days after launch of Mythos Preview): “Anytime Anthropic is scaring people, you have to ask, is this a tactic, is this part of their chicken little routine, or is it real? With cyber, I actually would give them credit in this case and say, this is more on the real side. “It just makes sense that as the coding models become more and more capable, they’re more capable of finding bugs. That means they’re more capable of finding vulnerabilities. That means they’re more capable of stringing together multiple vulnerabilities and creating an exploit. “I do think that every company, or IT department, or CISO that is managing code bases should take this seriously and use the next few months to detect any dormant bugs or vulnerabilities and roll out patches.” I posted similar framing on X: On April 10: “The world has no choice but to take the cyber threat associated with Mythos seriously. But it’s hard to ignore that Anthropic has a history of scare tactics.” (With examples attached). On April 12: I noted that a growing number of people were wondering if Anthropic was the AI industry’s “boy who cried wolf,” and that the company would face a serious credibility problem if the threats didn’t materialize. These are the lines the articles highlight. They emphasize the “scare tactics” / “boy who cried wolf” critique while omitting the parts where I said the cyber threat itself was real and required immediate action. It is entirely possible to question a messenger’s track record while still treating the underlying risk as serious — and that’s exactly what I did. By the way, this view isn’t unique to me or even particularly controversial; highly respected tech commentator Ben Thompson recently made a similar critique about Anthropic. On April 30 I posted a more technical thread after tests by the AI Security Institute showed that GPT-5.5-Cyber performed similarly to Mythos: “Mythos is not magic. It’s not a doomsday device. It’s the first of many models that can automate cyber tasks (just like coding). … these models do not create vulnerabilities; they discover them. The bugs are already in the code. Using AI to discover and patch them will actually harden these systems. “The leap from pre-AI cyber to post-AI cyber means that there will be a big upgrade cycle. … it’s important that cyber defenders get access before cyber attackers. That process is already underway but needs to happen quickly.” My position remains consistent: We are on a shot clock until Mythos-level capabilities diffuse widely, including to non-U.S. / Chinese models. We need defenders to find and patch vulnerabilities before that happens. This requires cooperation between government and industry. Unfortunately Anthropic’s needlessly confrontational posture toward the Administration has distracted from that mission. Policy debates have their time and place, but right now tangible defensive action is what matters most. I hope everyone moves forward on that basis.

Narrative violation.

Full article: wsj.com/tech/ai/the-jo…

Happy Birthday President Trump! It’s been an honor to work for you. Thank you for your extraordinary leadership in Making America Great Again. Wishing you a wonderful 80th birthday filled with health, happiness, and continued success ahead!

I’ve had a number of conversations with folks inside and outside government about the current situation with Anthropic, and here is what I believe to be true: — As we know, Anthropic publicly released its Mythos class models earlier this week under the commercial name Fable. — Fable is Mythos with guardrails. But if those guardrails fail, then you’ve exposed Mythos and its advanced cyber capabilities to people who shouldn’t have them. (Keep in mind that Anthropic itself widely promoted the idea that Mythos was a cyberweapon and needed to be regulated as such. They asked for government regulation of Mythos and championed the guardrails on Fable. If there is a vulnerability — big or small — it is Anthropic’s responsibility to patch.) — A highly credible trusted partner of both Anthropic and the USG who was testing Fable came forward with a jailbreak of those guardrails. The Admin asked Dario to fix the jailbreak or de-deploy the model. Dario refused. — In their blog post, Anthropic defended its decision by saying the jailbreak isn’t serious. That is not what the trusted partner and the USG believe; nor is that kind of minimizing language consistent with Anthropic’s brand as the AI safety company. It’s difficult to fathom how they could claim a jailbreak allowing operability of a cyber weapon could be defined as not “serious.” — In the past, Anthropic has always said that safety must be top priority and taken super seriously. In this case, Anthropic prioritized the continued offering of the consumer model over safety. — In reaction, the Admin issued the export control. The Admin did this reluctantly. It’s been very surprised that Anthropic hasn’t wanted to cooperate with a reasonable safety request (ie fixing the jailbreak issue). Anthropic’s reaction is very much at odds with their branding and ethos as a safe AI research community. — The Admin’s hope now is that Anthropic remediates the safety issue, the export control is lifted, and Fable goes back into general release. The Admin wants all of this to happen as soon as possible. It is frankly bewildered that Anthropic hasn’t wanted to comply with safety requests that it previously said were its highest priority. — Those trying to misdirect and tie this action to the prior DoW/Anthropic issues are wrong. The Admin values Anthropic’s technical capabilities and feels that this issue, while serious, should be easily resolved. The ball is in Anthropic’s court.

If you were wondering what the "pause" was all about, Ben Thompson @stratechery has an interesting theory: "Late last week the Anthropic Institute released a new safety report warning about the danger of recursive self-improvement... I don’t think the timing is a coincidence. This is a company and leadership that has been honing safety-and-scaremongering-as-marketing-tactic ever since Amodei led the charge to close source OpenAI models because GPT-2 was too dangerous; it’s always fun to see the evolution of tactics, capabilities, and goals, and in this case publishing a widely-discussed report the week before you cite it to silently degrade your offering for potential competitors is impressive."

Worth reading. x.com/tony_davis_x/s…

About 8 months ago, I warned that “Anthropic is running a sophisticated regulatory capture strategy based on fear-mongering.” This take was controversial at the time; now look how many people are saying it. x.com/davidsacks/sta…

Thanks to Legendary Larry Kudlow for having me on the show today to talk about the dangers of over-regulating AI. @larry_kudlow @FoxBusiness foxbusiness.com/media/ex-white…