“We reviewed a demonstration of this specific technique being used to identify a small number of previously known, minor vulnerabilities. These vulnerabilities all appear relatively simple and we have found that other publicly-available models are able to discover them as well without requiring a bypass,” stated Anthropic after the U.S. government ordered a suspension of access to two of its newest models.
The US export control directive on Fable 5 and Mythos 5
On June 12, Anthropic announced that the U.S. government had issued an export control directive suspending all access to Fable 5 and Mythos 5 by any foreign national. Anthropic said it responded by suspending access to both models for all customers to ensure compliance with the directive. The government invoked “national security concerns,” and Anthropic said it believes the directive stemmed from research that allegedly demonstrated a method of bypassing Fable 5’s guardrails.
Anthropic’s public defense: no universal jailbreak, and the models’ guardrails
Anthropic characterized Fable 5 as a general-access LLM built on the same underlying frontier AI model as Mythos 5, an upgrade from Claude Mythos Preview, but with additional guardrails designed to curb misuse—particularly in cybersecurity where the company said misuse “could be misused to cause serious damage.” The company denied the existence of a “universal jailbreak” for Fable 5 and said it is addressing the research that likely prompted the U.S. action.
Open letter from 54 CISOs and cybersecurity leaders
Two days after the directive, a coalition of 54 CISOs, practitioners and vendors sent an open letter to Howard Lutnick, the U.S. Secretary of Commerce, and Sean Cairncross, the U.S. National Cyber Director, asking that the export control directives on Fable and Mythos be lifted. The signatories also pressed the government to “commit to an open, scientific and transparent process of handling AI risk assessments in the future.”
The signers acknowledged that Anthropic’s latest models are “quite good at finding flaws and weaponizing exploits,” but argued they are not unique in that capacity. The letter said the ability to identify insecure code is “a fundamental feature of any secure coding assistant” and pointed to equivalent capabilities in other models, naming OpenAI’s GPT-5.5, Anthropic’s Claude Opus and Sonnet, and Chinese models such as Kimi 2.7.
The letter warned: “To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous,” and said the government action had created market uncertainty and risked America’s AI leadership “without any real risk to justify it.” Notable signatories included Alex Stamos, Joe Levy, and Sandra McLeod.
Additional practitioner reaction: access, chaos, and calls for transparency
Beyond the open letter, other practitioners voiced similar concern. William Wright, CEO of Closed Door Security, said the U.S. response “suggests that the worries around jailbreaking these models are real,” but added that banning access was the wrong approach. Wright warned that abruptly cutting off the model “will cause huge logistical problem, both within Anthropic and within any critical industry partners given access to the model. Rather than foster resilience, this move creates chaos.” He called on the U.S. government to work “transparently and with clear guiding principles” with AI and cybersecurity experts.
What this means for technologists, policymakers, and enterprise security teams
- Technologists and security teams: Loss of access to Fable 5 and Mythos 5 removes tools that signatories said are effective at finding insecure code and weaponizing exploits; Anthropic says it is addressing the research underpinning the directive, but the company has already suspended access for all customers to comply with the order.
- Policymakers and regulators: The open letter demanded an “open, scientific and transparent process” for future AI risk assessments and urged lifting the directives; the U.S. government has cited national security concerns and a specific research demonstration as its justification.
- Enterprise procurement and operations leaders: The directive and the abrupt suspension created market uncertainty and, according to practitioners, logistical disruption for Anthropic and its partners—effects the open letter said risked America’s AI leadership without sufficient justification.
The dispute crystallizes a tangible trade-off: a government invoking national security and an industry group insisting defensive capabilities should remain available to those who secure networks. Anthropic has said it reviewed the research cited by the government, denied a universal jailbreak, and is addressing the issue; 54 cybersecurity leaders have asked for the directive to be revoked and for a transparent, scientific assessment process going forward. For now, access to Fable 5 and Mythos 5 remains suspended and the parties are publicly at odds over the proper balance between restriction and readiness.
