Anthropic, an American AI startup, has been caught in an unprecedented regulatory storm recently: it just announced 10 days ago that its most advanced large-scale model would be open to the public, but now it has been urgently suspended by the U.S. government on the grounds of export control. The vast majority of users around the world can no longer access the Fable 5 and Mythos 5 models. This is the first time that the United States has directly implemented export control measures on the AI ​​model itself, causing shocks at multiple levels in security, industry, and alliance relations.

According to The Economist, U.S. Senator Mark Warner reported at a classified briefing on June 11 that General Joshua Rudd, who also serves as director of the National Security Agency (NSA) and commander of U.S. Cyber ​​Command, told him that Anthropic’s Mythos model broke through the defenses of most of the NSA’s classified systems during an authorized red team exercise, not in weeks or days, but in “hours.” This claim has not yet been officially confirmed by any government agency, and the relevant details remain confidential, but it quickly became the dominant narrative explaining why the US government suddenly issued a severe export ban on June 12th: an AI model from a commercial company broke into one of the world's most heavily guarded secret infrastructures in a short period of time.

When Anthropic first disclosed Mythos in April this year, it made it clear that the model was too powerful at discovering software security vulnerabilities and was at risk of being abused, so it would not be open to the public. It would only provide access to about 200 rigorously vetted partners under a project called Project Glasswing, including Amazon, Apple, Google, Microsoft, Nvidia, JPMorgan Chase, and the Linux Foundation. Since then, Mythos has helped uncover thousands of real-world vulnerabilities, including a security flaw that had been dormant in OpenBSD for 27 years and 271 new issues in the Mozilla Firefox 150 browser.

On June 9, Anthropic launched the Fable 5 model to the public. Its underlying foundation is the same as Mythos, but a security classifier is superimposed on top to intercept requests judged to be dangerous and redirect these requests to less capable models for processing. Anthropic's position is that these "guardrails" are sufficient to make Fable 5 safe for the public; but after General Rudd's testimony about NSA penetration testing was exposed, the U.S. government apparently disagreed with this judgment and believed that between Mythos and Fable 5, the "capability gap" brought by the security classifier alone was not enough to constitute a reliable line of defense.

The direct trigger that triggered all this was a "jailbreak" report. The U.S. government notified Anthropic on June 12 that it had discovered a way to bypass the Fable 5 security classifier, potentially unlocking its most sensitive cyber offensive and defensive capabilities. According to Anthropic, the government was only verbally informed of the vulnerability, describing it as a "potential, narrow, non-universal jailbreak" and giving the company 90 minutes to take action. The jailbreak was first reported to the U.S. Department of Commerce by Amazon, an important investor in Anthropic and a competitor in the AI ​​field. At the same time, a researcher using the pseudonym "Pliny the Liberator" posted his self-proclaimed complete system prompt word on X and GitHub within 48 hours after Fable 5 went online.

Faced with pressure from the government, Anthropic responded by emphasizing its assessment that the impact of this jailbreak was limited and not universal, and did not fundamentally defeat Fable 5's overall security. The company also pointed out that similar security vulnerabilities exist in other models that are open to the public, including OpenAI's GPT-5.5, but these models do not encounter the same intensity of export controls. Anthropic warned in a statement that if current standards for Fable 5 were applied across the industry, "nearly all leading model providers would be forced to halt new model deployments."

Some in the security community agree with Anthropic's assessment. Former Facebook chief security officer Alex Stamos said he had reviewed the relevant research and believed that it did have findings worthy of attention, but did not demonstrate "unique capabilities" that would justify this extreme response. However, Trump administration adviser David Sacks took a contrary view, saying it was difficult to understand how Anthropic could claim that a jailbreak sufficient to make the cyberweapon fully operational could be defined as "not serious."

The political background makes it more difficult for outsiders to view this decision as a purely technical safety issue. In February, the Trump administration ordered all federal agencies to stop using Anthropic’s models after the company refused to sign contract terms that would have allowed its AI to be used in autonomous weapons systems and large-scale domestic surveillance. The Pentagon subsequently classified Anthropic as a "supply chain risk," barring military contractors from using its models, and Anthropic is currently challenging that designation in federal court. This series of conflicts makes this export control more like the outbreak of a long-term game stimulated by major security incidents.

The deeper problem lies in the absence of institutions. Some analysts pointed out that the United States still lacks a stable and transparent framework to evaluate and control the security risks of cutting-edge AI models. On June 2, the Trump administration issued an executive order calling on AI companies to “voluntarily” provide the government with 30 days of advance access to a new generation of cutting-edge models before they are publicly released. However, Fable 5 went online directly after 7 days and did not comply with this "voluntary framework." In practical terms, the ban on June 12 became a hard means to force companies to cooperate with government review. An analysis article on the "Dialogue" website believes that the essential problem is that the government lacks the data, infrastructure and professional capabilities required to independently evaluate cutting-edge proprietary models, and its dependence on enterprises is also recognized in some form in this executive order.

The impact of this ban extends far beyond the United States. When access to Fable 5 and Mythos 5 was completely cut off, Australia, the United Kingdom, Canada and New Zealand, the traditional U.S. intelligence alliance known as the Five Eyes, were also locked out simultaneously without warning. The UK's AI Safety Research Institute, regarded as the world's leading institution for testing cutting-edge models, suddenly lost access during the process of evaluating related systems. To this end, the intelligence agencies of the five countries issued a rare joint statement on Monday. Although Anthropic or Mythos were not named, the context undoubtedly pointed to the current situation.

The joint statement pointed out that cutting-edge AI models are expected to exceed current industry expectations and fundamentally change the landscape of network attack and defense capabilities. The time window for related risks is no longer measured in "years" but in "months". The document was signed by senior officials, including NSA cybersecurity chief David Imbordino and acting CISA director Nick Andersen. The statement warned that AI will significantly lower the threshold for malicious actors to launch attacks and continue to exploit the same old problems that have not been solved for years - unpatched systems, weak identity management controls, and services that are unnecessarily exposed to the Internet. The statement emphasized that cyber risk is no longer a purely technical issue, but a core enterprise risk and leadership responsibility.

Olivia Shen, a national security and AI expert at the University of Sydney in Australia, pointed out that outsiders should not limit their vision to Anthropic. She believes that the industry must expect that "the next Mythos or the next Fable will appear soon", and that currently the public can only see the released model, and there may be equally advanced or even more advanced systems developed by China or other countries and actors being advanced behind closed doors. Security media CyberScoop pointed out that the attack capabilities mentioned in the Amazon threat intelligence report that triggered this government action can actually be achieved with the help of older generation models, such as Claude Opus, Claude Sonnet, and even open source Chinese models that are not subject to any U.S. export controls. Open source models have traditionally lagged head labs by about 6 to 8 months in capabilities, so it's an open question whether disabling Fable 5 will actually significantly slow down an intentional adversary.

As of now, Fable 5 and Mythos 5 are still offline for most users. Anthropic previously told the media that the company is "very confident that model availability will be restored in the next few days," but this position has not yet been fulfilled. Probabilities given by prediction markets put the chance of access restored before July 1 at about 57%. Trump said in an interview with Axios last week that he no longer considered Anthropic a national security threat, saying "maybe it was a week ago, but not now." The two sides met during the G7, and Trump commented on the progress of the negotiations that "everything is going very well."

Dozens of people, including cybersecurity researchers, AI entrepreneurs and business executives, jointly wrote to the White House on Monday, calling on the government to commit to an "open, scientific and transparent" process in future AI risk assessment and response processes. It is believed that a more operational signal may come from Anthropic’s identity verification policy, which is scheduled to take effect on July 8, which will allow the company to verify whether users are U.S. citizens, thereby hopefully restoring the availability of the model in the United States without completely revoking the export control order.

Although it is still unclear how the ban will end in the short term, the past ten days or so have clearly marked a turning point: this is the first time that the United States has placed export controls directly on the AI ​​model itself, rather than the hardware equipment that supports its operation. Europe is watching this precedent closely, fearing that a similar situation could be repeated in the future on Azure, AWS or Google Cloud. Former British Security Minister Tom Tugendhat bluntly said that after such an "intuitive lesson", countries will start to think about how to achieve their country's sovereign capabilities in critical cloud and AI infrastructure. As for whether Mythos actually broke into most of the NSA's classified systems within a few hours, there has been no independent confirmation from any government agency, and the specific details are still hidden in classified documents.