A sudden government order has pulled two of Anthropic’s most capable AI systems out of circulation. The action, issued late on June 12, targeted Fable 5 and Mythos 5. It bars foreign nationals from access, even those employed by the company itself. Compliance forced Anthropic to shut the models down for every user. The decision has ignited sharp pushback from seasoned cybersecurity professionals who see it as a self-inflicted wound.
The Commerce Department sent the directive at 5:21 p.m. Eastern time. No detailed explanation accompanied it. Anthropic disclosed in its statement that officials cited a suspected jailbreak of Fable 5. The company reviewed the demonstration. It involved prompting the model to examine codebases and fix known, minor vulnerabilities. These issues, Anthropic noted, other public models could identify without any bypass.
Yet the order’s breadth left little room for nuance. Foreign nationals inside or outside the U.S. lost access. That reality compelled a total disablement. “We are complying with the government’s legal directive and are removing access to Fable 5 and Mythos 5 for all users,” Anthropic wrote. The firm added that other models remain available. Still, it voiced strong disagreement. A narrow potential jailbreak, the company argued, should not trigger recall of systems deployed to hundreds of millions.
Hours later the backlash crystallized. Seventy-six experts signed an open letter hosted at freefable.org. The signatories read like a who’s who of the field. Alex Stamos, former Facebook chief security officer. Katie Moussouris, founder of Luta Security. Casey Ellis of Bugcrowd. Jon Callas, cryptographer and ex-Apple security architect. Dino Dai Zovi. Rachel Tobac. Paul Vixie. The list stretches on, encompassing CISOs from Zoom, Sophos, Adobe and more.
The letter pulls no punches. “To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous.” It acknowledges AI’s dual impact. These systems slash the effort needed to spot flaws and craft exploits. Mythos-class models excel here. They do not stand alone. Signers routinely deploy GPT-5.5, Claude Opus 4.8, Sonnet and even Chinese offerings like Kimi 2.7 for audits and red teaming. The research that alarmed officials? It centered on determining whether prompted code sections were insecure. A baseline requirement for any tool meant to write secure software.
Moussouris went further in a detailed post on her site. She had reviewed the non-public Amazon paper that apparently prompted the order. The researchers fed open-source code laced with known CVEs and planted bugs into Fable 5. Initial prompts for security review were refused. Follow-up requests to “fix this code” produced outputs that, after manual steps, yielded test scripts. Nothing exotic. “I feel like making ’90s-style t-shirts with ‘fix this code’ on the front and ‘this shirt is a munition’ on the back,” she wrote on Luta Security’s blog.
That capability, she stressed, sits at the heart of defensive work. Find. Fix. Test. Remove it and the model grows weaker precisely where defenders need strength most. The same holds across competitors. Foreign and open-weight systems the U.S. cannot control already approach or will soon match these levels. Export rules cannot touch them. History offers caution. Moussouris served on the U.S. team that renegotiated the Wassenaar Arrangement. Broad language on intrusion software once threatened vulnerability disclosure and incident response. Defensive activity secured exemptions only after years of effort. This ban risks repeating the error.
Anthropic itself had moved cautiously with Fable 5. Released days earlier, the model carried aggressive guardrails. Prompts touching cybersecurity, biology or chemistry often hit walls. So strict were the limits that researchers joked about them. The company ran thousands of hours of red teaming alongside U.S. and U.K. agencies plus independent groups. No universal jailbreak surfaced. Non-universal ones remained narrow or costly to develop. Monitoring and data retention policies formed additional layers. Defense in depth, the firm called it. Risks stayed comparable to existing deployed models.
Yet the government acted. Context matters. Tensions between Anthropic and Washington run deep. Earlier this year President Trump directed agencies to cease using the company’s technology. A supply-chain risk designation from the Pentagon followed disputes over military applications, including concerns around autonomous weapons and domestic surveillance. A federal judge issued a temporary block. The February order and its aftermath set the stage for heightened scrutiny. When hints of a Fable jailbreak reached officials, the response proved swift.
Recent coverage captures the fallout. A BBC report from two days ago detailed the suspension and self-described power of the new models. CNN noted the order ranks among the most sweeping actions taken against advanced AI capabilities. The Los Angeles Times highlighted the unprecedented scope. Foreign nationals anywhere, including Anthropic staff, were cut off. Wired reported the company viewed the move as tied to a narrow bypass that unlocked Mythos-level performance on code tasks. Fortune and The Guardian echoed the compliance-driven global shutdown.
Protesters argue the ban delivers the opposite of security. Defenders lose their strongest tools. Attackers face no equivalent handicap. Chinese models trail by months at most, per independent benchmarks. State actors there may hold undisclosed edges. Market uncertainty grows. America’s edge in AI development could erode if similar standards applied industry-wide. “If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers,” Anthropic stated.
The open letter lays out clear demands. Lift the directives on Fable and Mythos. Adopt processes grounded in scientific evaluations shaped by industry and academia. Ensure democratic rulemaking. Deliver transparent, fair enforcement with remediation time. Limit interventions to the minimum required for public safety. Not every signer supports heavy regulation. All agree the current approach falls short.
Discussions continue. Anthropic has dispatched staff to Washington for direct talks, according to recent Wall Street Journal coverage. Executives seek resolution. Moussouris and fellow signers urge re-examination of the underlying analysis. The models, they insist, matter too much to sideline lightly. Cybersecurity in the AI era depends on speed. Attackers move fast. Defenders must match or exceed that pace. Tools that accelerate the find-fix-test loop provide exactly that advantage.
Short-term disruption already lands. Customers face interrupted workflows. Longer term, the episode raises larger questions about how Washington balances risk and innovation. Frontier models test old frameworks. Export controls designed for hardware or software now stretch to cover reasoning engines. The line between offensive and defensive capability blurs when the same prompt that spots a bug can inspire an exploit. Drawing it demands precision the current order appears to lack.
Industry veterans have taken a public stand. Their letter and supporting commentary signal deep skepticism. The ban, they contend, does not enhance safety. It hampers those tasked with protecting systems against increasingly sophisticated threats. Whether officials reverse course remains unclear. What is certain is the depth of concern. When figures like Stamos, Moussouris and Ellis align on an issue, policymakers tend to listen. This time they have spoken with one voice. The models should return. The process should improve. America’s cyber defenses depend on it.
WebProNews is an iEntry Publication