Fable AI Security Concerns: US Blocks Anthropic Models

Fable AI security concerns became headline news on June 13, 2026. The US government ordered Anthropic to shut down public access to its two most powerful AI models. If you were using Claude Fable 5 or Mythos 5 for development work, your access simply stopped working that Friday evening.

This is what happened, what the government ordered, and what Anthropic is saying about it.

What Is Claude Fable 5?

Anthropic launched Claude Fable 5 on June 9, 2026. It was the first publicly available model in the company’s new “Mythos-class” tier, one level above the previous Opus-class lineup. Anthropic described it as the most capable model it had ever released to the public.

Fable 5 was built to excel at software engineering, code analysis, and identifying flaws inside existing codebases. That specific capability is exactly where the Fable AI security concerns would later take root.

The model came with a layered safety design. When a query touched high-risk areas like cybersecurity, biology, chemistry, or AI model distillation, Fable 5 would silently pass the request to a weaker model, Claude Opus 4.8, instead of answering directly. Anthropic reported that more than 95% of all Fable 5 sessions never triggered this fallback.

Alongside the public model, Anthropic operated Mythos 5. That version ran with fewer guardrails and was limited to vetted cybersecurity researchers and government partners only. It was never open to general users.

Those earlier Anthropic model milestones that built up to this launch are covered in our report on Anthropic’s Claude Opus 4 and Sonnet 4 release and its coding advances.

How the Fable AI Security Concerns Began

The Fable AI security concerns surfaced within 24 hours of launch. A researcher going by “Pliny the Liberator” posted on social media claiming to have bypassed Fable 5’s safety classifiers the day after the model went live.

The method reportedly did not involve a traditional software bug. Based on cybersecurity reports, the approach used Unicode character substitutions, look-alike Cyrillic letters, multi-agent task decomposition, and narrative framing to trick Fable 5’s keyword classifiers into ignoring flagged requests.

Screenshots that circulated publicly appeared to show step-by-step instructions for stack buffer overflow exploits on x86 Linux systems. The researcher also claimed to have extracted Fable 5’s 120,000-character system prompt during the attempt.

These Fable AI security concerns spread quickly through the security research community. Debate started immediately over whether this counted as a real jailbreak or a demonstration of weaknesses that already existed in every major model.

The timing of the Fable AI security concerns made things worse. Anthropic had acknowledged at launch that Fable 5’s capabilities in identifying software vulnerabilities “exceed those of any model we’ve ever made generally available.” Security professionals had already warned before release that a model this capable in vulnerability identification could be weaponized if its safeguards were bypassed.

The pattern fits into what our team has been watching across AI-adjacent security incidents, including the supply chain security threats that hit organizations throughout 2026.

What Anthropic Said About the Jailbreak

Anthropic disputed the claim that a real jailbreak had occurred and conducted a wider review of recent usage, finding no evidence that its safeguards had been successfully bypassed to generate genuinely dangerous content.

After reviewing the reported technique, Anthropic found only a small number of previously known, minor vulnerabilities. Critically, the company said those same vulnerabilities were already discoverable using other publicly available models without any bypass at all.

Anthropic validated that the level of capability displayed in the underlying report was widely available from other models, including OpenAI’s GPT-5.5 cybersecurity evaluations.

This was Anthropic’s core argument: the Fable AI security concerns raised by this jailbreak did not represent any unique risk that did not already exist elsewhere in the market.

External red teams working before launch found no universal jailbreaks on long-form agentic tasks, though Anthropic conceded it is likely impossible to fully prevent universal jailbreaks in the future. The company’s stated goal was to make them slow and costly enough to detect before they could be used at scale.

Still, the Fable AI security concerns had already reached Washington by then.

The US Government Directive

The Fable AI security concerns triggered a government response on June 13, 2026. The directive, received at 5:21 PM ET, prohibits any foreign national, whether located inside or outside the United States, from accessing the two models, including foreign national Anthropic employees.

The letter came from Commerce Secretary Howard Lutnick under the authority of the US Department of Commerce.

Because Anthropic had no real-time way to verify each user’s citizenship, the company disabled both Fable 5 and Mythos 5 globally for all customers to ensure full compliance. Access to every other Anthropic model remained unaffected.

According to CNN’s reporting, the government cited national security concerns but did not provide specific details to Anthropic, though the company believes the government became aware of a method of jailbreaking Fable 5.

You can find our full breakdown of the immediate fallout in our dedicated report on the US government’s decision to block Anthropic’s Fable 5 access.

What Export Controls Now Apply

Under the Commerce Department directive, a license is now required for the export, re-export, or domestic transfer of Fable 5 and Mythos 5 to any foreign person. Anthropic must also submit applications for individually validated licenses. Failure to comply would result in financial and civil penalties.

This places the Fable AI security concerns in a regulatory category normally reserved for military hardware and advanced dual-use technology. It is one of the most sweeping actions the US government has taken against a commercially deployed AI model.

Experts warned before launch that Fable 5 was particularly effective at identifying software vulnerabilities, and the model’s capabilities posed a risk of being used in cyberattacks.

The type of breach risk that prompted this response is something security teams have been confronting across all fronts this year. Our reporting on the GitHub breach that hit 3,800 repositories after a hacked coding tool shows just how fast a single vulnerability can escalate.

How Anthropic Is Pushing Back

Anthropic complied with the directive immediately but made its disagreement public. In its official statement published on June 13, the company argued that if this standard were applied across the industry, it would effectively halt every new frontier model deployment.

On the specific Fable AI security concerns cited by the government, Anthropic stated the jailbreak demonstrated essentially involved asking the model to read a codebase and identify software flaws, a task security professionals perform with publicly available tools every single day.

Anthropic’s position is that the vulnerability was benign. According to Anthropic’s own reading of the government’s underlying concern, the demonstration essentially consisted of asking the model to read a specific codebase and fix any software flaws.

Anthropic’s full position on the Fable AI security concerns rests on its defense-in-depth strategy. This security framework focuses on confining non-universal jailbreaks to an exceptionally narrow scope, making developing universal jailbreaks economically prohibitive, and deploying continuous telemetry monitoring to rapidly detect and shut down active attacks. The company also enforces a 30-day customer data retention policy for Mythos-class models to support continuous threat hunting and patch development.

The company ended its statement by saying it believes this is a misunderstanding and is working to restore access as soon as possible.

What This Means for Developers and Users Right Now

The Fable AI security concerns have had a direct and immediate practical impact. Anyone who had built workflows or production pipelines on Fable 5 or Mythos 5 lost that access without warning on the evening of June 13.

All other Anthropic models are still live. Claude Opus 4.8, Claude Sonnet 4.6, and the rest of the lineup remain fully operational. Only Fable 5 and Mythos 5 are offline.

The broader lesson the Fable AI security concerns carry for developers is a serious one. Frontier AI capabilities are now formally treated as national security assets by the US government. Access can be pulled with minimal notice and without detailed public explanation. Building critical workflows on the most advanced AI models now carries a regulatory risk that simply did not exist at this scale a year ago.

For teams tracking what Anthropic’s intermediate model tier can still do while Fable 5 remains offline, our earlier report on Claude Opus 4.7’s expanded agentic capabilities covers the full picture.

Where Things Stand on June 15, 2026

Fable 5 and Mythos 5 remain disabled globally as of today. According to an administration official, the model needs to remain locked down until the US government’s national security apparatus is hardened, and that could happen within the next few weeks.

Anthropic has said it is actively working with the government on a path to restore access under terms that address the Fable AI security concerns without permanently blocking the models. No specific date has been given.

The core dispute comes down to one question. Does a narrow, non-universal jailbreak in a heavily guarded commercial AI model justify a full recall and export control designation? Anthropic says the Fable AI security concerns raised here do not meet that bar. The US government concluded otherwise.

For now, developers should plan around Anthropic’s other available models and monitor Anthropic’s official channels for updates on Fable 5’s return.