Trump Pulls AI Security Order Hours Before Signing

Trump scrapped a White House AI executive order signing ceremony at the last minute, citing concerns about US competitiveness - even as Anthropic Mythos and OpenAI's GPT-5.5-Cyber showed AI can now find and exploit zero-days at scale.

Elena Marchetti By Elena Marchetti 6 min read
Share
Trump Pulls AI Security Order Hours Before Signing

Tech executives had already accepted their invitations. The White House had confirmed the time. Then, less than an hour before President Donald Trump was scheduled to sign a landmark executive order on artificial intelligence and cybersecurity, he cancelled the ceremony.

"I didn't like certain aspects of it, I postponed it," Trump told reporters on Thursday. He added that the US is "leading China, we're leading everybody," and that he didn't want to do anything "that's going to get in the way of that lead."

TL;DR

  • Trump scrapped a planned AI executive order signing on May 21, 2026, hours before the ceremony
  • The order contained two parts: a voluntary cybersecurity clearinghouse and a 90-day pre-release model review framework
  • OpenAI and Anthropic were actively negotiating the terms with the White House
  • The trigger for the order: Anthropic's Mythos model and OpenAI's GPT-5.5-Cyber have both shown AI can find and exploit real-world vulnerabilities at a pace no human team can match
  • Trump has now cancelled Biden's AI safety rules and his own successor framework

The Ceremony That Never Happened

The executive order had been in preparation for months, postponed multiple times as White House officials argued internally over its scope. By mid-May, it appeared ready. The White House sent out formal invitations to AI company leaders for a signing ceremony on Thursday, May 21.

The order's drafting had "exposed how conflicted the administration is on the matter," according to reporting from Axios, which obtained details ahead of the scheduled signing. That conflict came to a head publicly when Trump reversed course in front of cameras, citing competitiveness concerns without specifying which provisions he objected to.

No new signing date has been announced.

What the Order Would Have Done

The draft executive order had two distinct sections, each addressing a different slice of the AI security problem.

A Voluntary Clearinghouse for AI Vulnerabilities

The cybersecurity section would have established a voluntary "clearinghouse" run jointly by the Treasury Department, other federal agencies, and AI companies. The purpose: to find and fix security vulnerabilities in AI models before they're released to the public. The draft also called for expanded hiring at the US Tech Force, the government body tasked with modernizing federal computer infrastructure.

Both provisions were voluntary. No AI company would have been compelled to participate.

The 90-Day Pre-Release Framework

The second section, labeled "Covered Frontier Models," defined a process under which AI labs would share their most advanced models with the government at least 90 days before any public release. The framework would also give early access to operators of critical infrastructure - banks, hospitals, utilities - so they could begin assessing exposure before the models became available to everyone.

OpenAI and Anthropic were the two companies actively negotiating the framework's terms with White House officials. The access provision had drawn particular attention: sharing a frontier model with the government months before launch is a significant commitment for any company managing competitive timelines.

The White House in Washington DC, where the signing ceremony was scheduled The White House signing ceremony was called off hours before it was set to take place. Source: pexels.com

The Catalyst - Two Models Changed Everything

The executive order didn't emerge from thin air. It was a direct response to what two AI models demonstrated about the state of offensive cyber capability.

What Mythos Demonstrated

Anthropic's Claude Mythos Preview identified thousands of zero-day vulnerabilities - flaws that were previously unknown to software developers - across every major operating system and every major web browser. The model found vulnerabilities in other critical software as well, some of them dormant for ten or twenty years without detection.

On a Firefox JavaScript engine benchmark, Mythos developed working exploits 181 times. Its predecessor, Claude Opus 4.6, achieved that only twice across several hundred attempts.

Anthropic released Mythos exclusively through Project Glasswing, initially limiting access to Apple, Amazon, JPMorgan Chase, and Palo Alto Networks. The goal was to give defenders a head start before models with equivalent capabilities became broadly available. But limited release isn't the same as controlled release: a group of Discord users managed to gain unauthorized access to Mythos Preview shortly after its launch, as reported here.

GPT-5.5-Cyber and the Dual-Use Dilemma

OpenAI's parallel track produced GPT-5.5-Cyber, a tuned version of its GPT-5.5 model built for vetted cybersecurity teams. The UK's AI Safety Institute assessed it and found the model completed an attack chain in two of ten benchmark runs. OpenAI made it available in early May to defenders protecting critical infrastructure, with fewer guardrails than the standard model to support workflows like vulnerability triage and malware analysis.

The model still blocks credential theft and malware writing. Starting June 1, the highest-tier access requires phishing-resistant authentication. But as the previous coverage of GPT-5.5-Cyber noted, the distinction between "defensive" and "offensive" capability narrows far when the underlying model is the same.

Digital security padlock and binary code representing AI-powered cybersecurity threats Anthropic Mythos and OpenAI GPT-5.5-Cyber brought the AI vulnerability exploitation problem into sharp relief. Source: pexels.com

Regulatory Whiplash

The irony of Thursday's postponement is difficult to ignore.

Biden's October 2023 executive order on AI had required frontier AI companies to share safety test results with the federal government before public release. It was one of the most direct attempts to build government visibility into advanced AI development. Trump rescinded it on returning to office in January 2025, as part of a broader push to clear what his administration described as barriers to US AI leadership.

His own January 2025 executive order directed agencies to remove Biden-era AI rules and accelerate development. A later order created a DOJ "AI Litigation Task Force" to sue states that attempted to regulate AI independently, a move that split even Republican governors, as covered here.

Now, sixteen months later, the administration was trying to rebuild some version of what it dismantled - prompted by the same frontier model capabilities its permissive approach helped bring to market faster.

The order that was scrapped Thursday wasn't identical to Biden's. The framework was voluntary where Biden's required disclosure. The cybersecurity clearinghouse was a new structure without a direct predecessor. But the underlying logic - that the government needs some visibility into advanced AI before it reaches the public - is the same logic Trump declared unnecessary in January 2025.

The administration's internal disagreement didn't resolve Thursday. It just went back behind closed doors. No date has been set for a revised signing. The companies that had spent months negotiating the framework's terms now have no clarity on what comes next. And the models that prompted the whole exercise - Mythos, GPT-5.5-Cyber, and whatever follows them - will keep shipping regardless of what Washington decides to sign.

Sources:

Tagged
Trump AI Policy AI Safety Cybersecurity Anthropic OpenAI National Security
Elena Marchetti
About the author Senior AI Editor & Investigative Journalist

Elena is a technology journalist with over eight years of experience covering artificial intelligence, machine learning, and the startup ecosystem.