Day 10 of the Commerce Department’s export-control directive against Anthropic’s two flagship models arrived Monday with no public timeline for restoration, no amended finding, and a widening gap between what the government has cited as justification and what the security community is willing to call a threat.
The directive landed on a Friday, June 12, at 5:21 p.m. ET, three days after Fable 5’s release. Vals AI’s benchmarks had ranked it the most capable publicly available model at launch, ahead of OpenAI’s GPT-5.5. By that evening, Anthropic had disabled both Fable 5 and its ungated sibling Mythos 5 worldwide, and published its own account of the government’s stated concern: a jailbreak demonstration in which the model, prompted to read a specific codebase, identified what Anthropic called “a small number of previously known, minor vulnerabilities.” The company noted that GPT-5.5 and other public models can surface the same flaws without any bypass at all.
The paper underlying the directive was written by Amazon security researchers, according to reporting from The Wall Street Journal, and Amazon CEO Andy Jassy reportedly warned administration officials directly that Fable 5’s guardrails were flawed. The optics aren’t subtle. Anthropic’s largest investor produced the research that took Anthropic’s most capable model offline.
By Monday, 76 CEOs, CISOs, and researchers had signed a letter to Commerce Secretary Howard Lutnick and National Cyber Director Sean Cairncross arguing the ban “has taken the best models away from defenders, created market uncertainty, and risked America’s AI leadership without any real risk to justify it.”
Katie Moussouris, the Luta Security founder who effectively wrote the modern vulnerability-disclosure playbook and who reviewed the paper at Anthropic’s request, was blunter. The technique, she wrote, “should never have triggered an export control,” and the behavior it surfaced “cannot meaningfully be fixed, and any attempt would only weaken the model for defense.”
That second clause is the one doing real work. Mythos 5 wasn’t a consumer release. It had been kept inside Project Glasswing, shared with roughly 50 vetted organizations including Amazon, Apple, Google, Microsoft, and CrowdStrike specifically for defensive cybersecurity work. The export action pulled it from the defenders it was built for.
Anthropic’s own framing of the standard is that, if generalized, it would “essentially halt all new model deployments for all frontier model providers.” Thousands of hours of pre-launch red-teaming with the US government, the UK AI Safety Institute, and third parties haven’t yet produced a universal jailbreak against Fable. The bar applied here, in other words, is one no frontier lab can clear, applied via a Friday-evening letter, on the basis of research authored by a competitor-investor.
The closest historical rhyme is the 1990s Clipper-chip and crypto-export fights, where national-security framing collided with a security community that understood the technology better than its regulators did. Those fights were won, eventually, on the substance. Day 10 suggests this one will be argued on the same terrain.
Sources
- https://www.anthropic.com/news/fable-mythos-access
- https://techcrunch.com/2026/06/12/anthropics-safety-warnings-may-have-just-backfired-the-government-has-pulled-the-plug-on-its-most-powerful-ai/
- https://techcrunch.com/2026/06/15/the-us-governments-anthropic-models-ban-was-never-about-an-ai-jailbreak/
- https://www.bloomberg.com/news/articles/2026-06-13/anthropic-says-us-limits-foreign-access-to-fable-5-mythos-5
- https://www.cybersecuritydive.com/news/anthropic-us-government-export-ban-mythos-fable/822909/