What happens to your business when the AI tool you rely on gets shut off overnight, not by a hacker, but by the U.S. government? Last Friday, Anthropic, the maker of Claude, pulled its two newest AI models offline within hours of a letter from Washington. This is the first time that has ever happened to a leading AI company, and it should change how every owner thinks about the tools they depend on. *Every tool you depend on is a switch someone else can flip.* Bryan Hornung, Randy Bryan, and Reginald Andre break down this week's stories for the executives, owners, and operators who don't have time to keep up with cyber news but can't afford to be blindsided by it either. First up: Anthropic. The Commerce Department ordered the company to block its newest models, Fable 5 and Mythos 5, for any foreign national, citing national security. Anthropic couldn't separate who was allowed from who wasn't fast enough, so it shut the models off for everyone just six days after launching them. And the trigger reportedly wasn't a foreign spy at all. It was a warning from a competitor, Amazon, which demonstrated a way to bypass the model's safeguards. If your company has wired a critical process to a single AI vendor, you just watched how fast that capability can vanish. Next, the FBI disrupted one of the largest AI-powered scam operations ever seen. A China-based crime ring called "Outsider Enterprise" used artificial intelligence to write flawless scam texts and blasted out 2.5 million of them in two weeks while impersonating brands people trust through AT&T, T-Mobile, and Verizon. Authorities tied more than one million fake web addresses and 3.8 million stolen credit cards to the operation, with an estimated $1.9 billion in losses. The old advice to "watch for typos" is dead. These messages are clean, personal, and look exactly like the real thing. If your brand gets impersonated, your customers pay the price and your reputation takes the hit. Finally, Russia's military intelligence is hiding inside everyday routers. The group known as Fancy Bear has been quietly taking over the inexpensive routers small offices and remote workers buy off the shelf, including MikroTik, TP-Link, and Ubiquiti EdgeRouters, and using them to steal Microsoft 365 logins in transit. They even hide their commands inside normal cloud services so nothing looks suspicious. At its peak, researchers counted more than 18,000 infected connections across 120 countries. The scariest part: they steal the login token, allowing them to bypass multi-factor authentication and remain logged in even after the password is changed. Three stories. One thread. A government order, a billion-dollar scam ring, and a foreign intelligence unit all reached into technology many organizations assumed they controlled. In this episode, we discuss: • Why the government forced Anthropic to pull its newest AI models and what it means for your business • How an AI-powered crime ring scammed people out of an estimated $1.9 billion • Why the router in your closet might be working for Russian intelligence • How "restrict some" quietly becomes "shut it all off" • Why stolen login tokens can bypass your multi-factor authentication • What concentration risk means when you bet your operation on a single vendor • The Monday-morning moves that actually protect your business Security Squawk is a weekly podcast and livestream for business owners and executives. Support the show: buymeacoffee.com/securitysquawk Subscribe | Like | Share #SecuritySquawk #CyberSecurity #Anthropic #AI #FBI #Phishing #Smishing #FancyBear #VendorRisk #BusinessRisk #SMB #MFA
