Back to Feed
AI SecurityJul 1, 2026

Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls

US Commerce Dept lifts export controls on Anthropic's Claude Fable 5 AI model.

Summary

Anthropic has restored access to its Claude Fable 5 AI model globally after the U.S. Commerce Department lifted export controls imposed due to a jailbreak vulnerability. The controls, which restricted access for foreign nationals, were lifted after Anthropic implemented a new safety filter to block the specific jailbreak technique.

Full text

Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls Swati KhandelwalJul 01, 2026Artificial Intelligence / Critical Infrastructure Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos 5 about two and a half weeks earlier. Fable 5 returns to users on Wednesday, July 1, across Claude.ai, the Claude Platform, Claude Code, and Claude Cowork. Export controls restrict who can receive or use a technology. The June 12 order told Anthropic to cut off both models for any foreign national, inside or outside the United States, including its own non-citizen staff. The rule took effect at once, and the company had no reliable way to check every user's nationality in real time, so it shut both models down for everyone. The trigger was a jailbreak: a prompt that gets a model to bypass its safety rules. Amazon researchers found one in Fable 5. By Anthropic's account, the prompt got the model to flag a few software flaws and, in one case, to write code showing how a flaw could be abused. Anthropic played the finding down. It says the same requests work on plenty of weaker models too, including its own Claude Opus 4.8, OpenAI's GPT-5.5, and China's Kimi K2.7. The company calls the flagged behavior routine defensive security work, not a hidden super-capability. The government and the partner that reported the jailbreak saw it as serious enough to justify emergency controls. To settle the concern, Anthropic trained a new safety filter, called a classifier, that watches for the exact technique in the report and blocks it. The company says it now stops that technique in more than 99% of tries, as of the June 30 write-up. Blocked requests get handed to the weaker Opus 4.8 instead, and the user is told. The trade-off is more false alarms on normal coding and debugging. Mythos 5, the same underlying model with fewer safety guardrails, stays on a shorter leash. Access returned June 26 for roughly 100 U.S. companies and federal agencies that defend critical infrastructure. Anthropic says it is still working with the government to widen access. Commerce Secretary Howard Lutnick, who signed off on the reversal, said his department had spent two weeks reviewing the models with Anthropic. In his letter, the company agreed to hunt for security problems on its own, coordinate on future launches, and report any malicious use it spots. The negotiations were reportedly led by co-founder Tom Brown rather than CEO Dario Amodei, who has clashed with the administration for much of the year. The fight was messy from the start. Multiple reports, including from The Wall Street Journal, said Amazon's research and concerns from CEO Andy Jassy helped drive the original order. Former AI czar David Sacks accused Anthropic of having "prioritized the continued offering of the consumer model over safety." Others read it as an overcorrection. University of Sydney AI governance researcher Francesco Bailo told Al Jazeera the reversal looked like the government conceding it had gone too far, and a group of security leaders had signed an open letter asking for the controls to be lifted. Hanging over all of it was competition. The pause landed just as cheap, capable Chinese open-source models were gaining ground, and several executives warned that freezing U.S. models handed rivals free time to catch up. Anthropic is also proposing something the industry has lacked: a shared way to rank how dangerous a jailbreak really is. With Amazon, Microsoft, Google, and other partners, it wants to score each one on four things: Capability gain: how much further the jailbreak takes a user beyond the tools they already have. Breadth: how many different attacks the same trick unlocks. Ease of weaponization: how much skill and effort it takes to turn it into a real attack. Discoverability: how easy the trick is to find or copy. For the worst cases, such as a jailbreak that enables attacks on power grids or banks, Anthropic says it will start deploying fixes the moment severity is confirmed, and it is standing up a team to watch jailbreak reports around the clock. It also opened a HackerOne program for researchers to report new Fable 5 jailbreaks, and promised the U.S. government earlier access to test future frontier models before release. Anthropic is not the only lab in this position. Days earlier, OpenAI previewed GPT-5.6 to a small, government-approved group rather than the public, citing the same dual-use worry: a model good enough to help defenders patch bugs is also good enough to help attackers find them. The risk is not hypothetical. Earlier this spring, Anthropic tested a prior Mythos model that found and exploited zero-day bugs across every major operating system and browser on command, including a 27-year-old flaw in OpenBSD. Its red team turned freshly disclosed bugs into working exploits in under a day. The immediate crisis is over. The bigger question is not. A June 2 executive order created a voluntary path for companies to have frontier models reviewed before release. It also set up a classified benchmark to decide which models count as "covered," while ruling out any mandatory license to ship one. Fable 5 never went through that path. The government reached for export controls instead. That is the tell: when Washington wants to move fast on a frontier model, it still has no binding process, only improvised ones. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share Share SHARE  Anthropic, artificial intelligence, Claude, critical infrastructure, Fable 5, hackerone, jailbreak, Mythos 5 ⚡ Top Stories This Week Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool 29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests ⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data ⭐ Featured Resources Get the 2026 Guide to Govern and Secure Enterprise AI Agents at Scale [Watch Demo] See Which Security Gaps Attackers Could Exploit First AI Can’t Stop Every Attack. Learn How Zero Trust Can Block What’s Unknown Have You Outgrown Your MDR? 7 Warning Signs Every CISO Should Check

Entities

Claude Fable 5 (product)Mythos 5 (product)Anthropic (vendor)U.S. Commerce Department (vendor)Amazon (vendor)Claude Opus 4.8 (product)