Fable 5 and Mythos 5: what it means when a government shuts down a model already on the market
On June 9, 2026, Anthropic launches Claude Fable 5 and Mythos 5, framing them as a paradigm leap in software engineering and cybersecurity. Thirteen days later, both models are switched off for anyone who isn’t a US citizen — which, in practice, means almost everyone. Not because of a serious technical flaw, not because of an incident. Because of a US government order.
This is the first time a government has forced the withdrawal of an AI model already deployed to the public. It’s worth understanding what happened, why, and what it means for anyone building on top of third-party models.
The two models
Fable 5 is the public version: an advanced model with extensive safeguards designed to block use in sensitive areas like offensive cybersecurity and biotechnology. Mythos 5 is its more restricted sibling, distributed only to a select perimeter of institutional and enterprise partners under the Glasswing program — built to test a defensive use of the same raw capability, explicitly aimed at SOCs and critical infrastructure defense.
In Glasswing’s testing, according to testimony given to the US Senate by General Joshua Rudd (NSA / US Cyber Command), Mythos found vulnerabilities in nearly all of the US government’s classified computer systems within hours, not weeks. That alone explains why Washington treats these models as dual-use assets: extremely useful to defenders, potentially dangerous in the wrong hands.
The order
On June 12, at 5:21pm Eastern, the US Department of Commerce — signed by Secretary Howard Lutnick — sends Anthropic an export control directive. The same legal tool used to restrict advanced semiconductor exports, applied here to a language model: suspend access to Fable 5 and Mythos 5 for any non-US citizen, inside or outside the United States, including Anthropic’s own foreign employees.
Anthropic can’t filter access by nationality on a globally distributed service. The result: it shuts down both models for everyone, everywhere.
Anthropic says the official justification was vague — a letter that provided no specific technical details about the national security concern. The substance, pieced together in the following days: the government believes it identified a way to bypass Fable 5’s safeguards, a kind of jailbreak.
What Anthropic actually says
The company’s public response is unusually direct, and worth reading closely because it dismantles the government’s justification piece by piece:
- Fable’s safeguards were red-teamed for thousands of hours together with the US government, the UK AISI, and third-party organizations — and turned out to be more robust than any previously deployed model.
- No tester found a universal jailbreak — one that broadly unlocks the model’s cyber capabilities.
- The technique flagged by the government is a non-universal jailbreak: essentially, asking the model to read a specific codebase and fix its flaws. The vulnerabilities found this way are minor, already known, and discoverable by other public models too — including OpenAI’s GPT-5.5 — without needing any bypass at all.
- Anthropic never received written evidence. Only verbal claims.
In short: Anthropic argues that the standard used to justify recalling a commercial model deployed to hundreds of millions of people, if applied consistently, would halt every new release from every frontier lab in the industry.
There’s a detail that matters as much as the technical argument: Anthropic is the same company the Pentagon classified as a “supply chain risk” earlier this year, after Anthropic tried to limit the US military’s use of Claude — a clash that turned into a lawsuit against the government. The Fable/Mythos shutdown lands inside that broader friction, not in a vacuum.
Why it matters even if you don’t use these models
The technical question — how dangerous this specific jailbreak really is — matters less than the precedent it sets: a government can, with a letter containing no public evidence, force the immediate, global shutdown of a commercial AI model already wired into production pipelines, SOCs, code review, and everyday work tools.
For anyone building products on top of a third-party API, this is a new kind of operational risk, distinct from rate limits, deprecations, or pricing changes: direct regulatory risk, capable of switching off a tool overnight, with no warning and no clear path to appeal. More than a hundred cybersecurity experts — including executives from Adobe and Nvidia — signed an open letter asking the government to rescind the directive, arguing that taking the most effective tool away from defensive teams, without a demonstrable reduction in overall risk, hurts defenders more than attackers.
There’s also a European angle that surfaced within hours: European Commission spokesperson Thomas Regnier spoke of the need for “technological sovereignty,” a line echoed even by Jordan Bardella from the opposite end of the political spectrum. But — and this is the part that actually matters for anyone working in Europe — no open-weight model available today, from Mistral to Llama 4 to GLM-5.2, matches Mythos’s cyber capabilities or Fable 5’s general ones. Technological sovereignty here doesn’t mean “build a European Claude by year-end.” It means diversifying providers and treating the sudden shutdown of a model with the same seriousness as a data center outage.
Where things stand
As of June 26, two weeks after the directive, no restoration date has been confirmed. Rumors — reported by journalist Andrew Curran — point to an already-trained Mythos successor, even more capable, whose fate remains undecided between public release, Glasswing-partner-only access, or internal use alone. Meanwhile, a legaltech startup with a partly remote team based in Canada has filed suit against the US government, arguing the directive harms companies that had already legally acquired access to the models.
The underlying question isn’t really about Fable or Mythos. It’s about what happens the next time a frontier model gets capable enough to worry a government — and whether the industry will have, by then, a transparent process to handle it, instead of an evidence-free letter that arrives on a Friday afternoon.