US government forces Anthropic to pull Fable 5 and Mythos 5 models over jailbreak exploit

At a glance:

• US government issued emergency export control directive on June 12 forcing Anthropic to suspend Fable 5 and Mythos 5 access for all foreign nationals
• To ensure compliance, Anthropic disabled both models globally for all customers including US citizens
• Anthropic disputes the order, calling the underlying jailbreak exploit minor and present in rival models like GPT-5.5

The emergency directive and immediate suspension

On June 12 the US government delivered an emergency export control directive to Anthropic requiring the immediate suspension of access to its two flagship models, Fable 5 and Mythos 5, for any foreign national regardless of location. The order covered foreign nationals inside the United States, foreign nationals abroad, and even foreign national employees working at Anthropic itself. Because the company could not technically segregate access at the granularity the order demanded, it chose to disable both models for every customer worldwide, including US citizens, while leaving all other Anthropic models operational. Anthropic described the directive as abrupt and sparsely documented, citing national security authorities without providing detailed justification at the time of delivery.

The practical effect is a complete commercial blackout for the company's most advanced reasoning and coding models, a move without precedent for a domestic AI provider. Customers who had integrated Fable 5 or Mythos 5 into production workflows lost access overnight with no transition period. Anthropic emphasized that the suspension applies only to those two models and that its remaining portfolio, including earlier Fable and Mythos generations, continues to serve users without interruption.

The jailbreak exploit at the center of the order

The government's concern centers on a specific jailbreak technique that allows a user to bypass the models' safety guardrails and instruct them to scan a targeted codebase for software vulnerabilities. According to Anthropic, the exploit is narrow and non-universal, meaning it does not work consistently across all prompts or codebases and requires particular conditions to succeed. The capability to discover and patch flaws in software is, in the company's view, a dual-use feature that can aid legitimate security research as much as it could assist malicious actors. Anthropic argues that the same class of vulnerability discovery is already achievable with other publicly available frontier models, including OpenAI's GPT-5.5, making the singling out of its models disproportionate.

Before launching Fable 5 and Mythos 5, Anthropic invested thousands of hours in red-teaming exercises conducted jointly with US government agencies and the UK AI Safety Institute. Those evaluations reportedly did not flag the jailbreak as a critical risk warranting deployment blockage. The company maintains that perfect jailbreak resistance is technically impossible with current architectures and that the industry standard should be a defense-in-depth approach combining layered mitigations, continuous monitoring, and rapid patching rather than an absolute guarantee of impenetrability.

Anthropic's pushback and call for industry standards

In its public statement Anthropic labeled the government's action a misunderstanding and warned that applying such a standard across the frontier model ecosystem would effectively halt all new model deployments. The company pointed out that if any discovered software vulnerability capability triggers an emergency export control, every provider — including OpenAI, Google, and others — would face similar blackouts whenever a new jailbreak or exploit surfaces. Anthropic framed the issue as a systemic risk to the billions of dollars invested in research and development across the American AI sector and to the customers who rely on steady model improvements for competitive advantage.

The company is actively engaging with officials to resolve the matter and restore access to Fable 5 and Mythos 5. Anthropic has not disclosed a timeline for resolution but signaled willingness to implement additional monitoring or access controls short of a total suspension. The episode has reignited debate over whether export control frameworks designed for physical dual-use goods are appropriate for software artifacts that can be copied, modified, and deployed globally in seconds.

Historical parallels and the Huawei precedent

Observers have drawn immediate parallels to the Department of Commerce's 2019 placement of Huawei on the Entity List, which severed the Chinese telecommunications giant from US supply chains and software ecosystems under national security pretenses. That action targeted a foreign adversary to protect domestic industrial and security interests. The current directive, by contrast, targets a US-based company's own homegrown models, effectively recalling American software assets from the global market out of geopolitical caution. The inversion — restricting domestic innovation rather than foreign access — marks a significant shift in how export controls are being weaponized in the AI era.

If the precedent holds and is applied evenly, any frontier model provider could face a commercial blackout the moment a researcher or red-teamer demonstrates a new vulnerability discovery capability. Such a regime would introduce unacceptable business risk for companies that have collectively poured billions into model training, infrastructure, and safety engineering. It would also degrade the utility of AI tools for legitimate developers, security teams, and enterprises that depend on the latest models for code analysis, vulnerability remediation, and automated testing.

What to watch next

Anthropic has committed to working with government officials to find a path forward that satisfies national security requirements without a permanent global suspension. The outcome will likely shape how future export control directives are drafted for AI systems, particularly regarding the definition of "foreign national access" in cloud-delivered services and the threshold for triggering emergency measures. Industry groups and legal experts are expected to push for clearer guidelines that distinguish between theoretical dual-use capabilities and demonstrated malicious exploitation. Meanwhile, customers of Fable 5 and Mythos 5 must rely on alternative models or earlier Anthropic generations until the restriction is lifted or modified.

The broader question is whether the US government will adopt a collaborative framework — akin to the voluntary commitments secured from leading AI labs in 2023 — or continue to wield export controls as a blunt instrument. The answer will determine not only Anthropic's product roadmap but also the competitive dynamics of the entire frontier model market and the willingness of investors to fund long-horizon AI research under regulatory uncertainty.