
Claude Fable 5 and Claude Mythos 5 are Anthropic’s most advanced AI models to date, both built on the same underlying frontier architecture but separated by their safety profiles. Fable 5 is designed for general public use, equipped with strong safeguards that route potentially dangerous queries to a less capable model. Mythos 5, its unrestricted sibling, is reserved for trusted organizations working in defensive cybersecurity through Anthropic’s Project Glasswing initiative. On June 12, 2026, the U.S. government issued an export control directive that forced both models offline for all users globally. As of July 1, 2026, both models are back, though with new restrictions and an upgraded safety system that reflects a rapidly evolving relationship between AI companies and government regulators.
In this article, we’ll discuss the full timeline of events: why the models were pulled, how Anthropic worked with the government and industry partners to restore access, what technical and policy changes were made in the process, and what this episode signals for the future of frontier AI governance. Whether you’re a developer building on Claude, a cybersecurity professional tracking AI capabilities, or simply someone interested in how the world’s most powerful AI systems are being regulated, there’s something here for you.
TL;DR Snapshot
Claude Fable 5 and Mythos 5 are officially being re-deployed after getting pulled offline due to U.S. government export controls. The 19-day ban, triggered by a reported jailbreak vulnerability, has ended with Anthropic shipping an upgraded safety classifier, establishing new government collaboration commitments, and co-authoring an industry-first framework for evaluating AI jailbreak severity.
Key takeaways include…
- Fable 5 is globally available again as of July 1, 2026, with a new safety classifier that blocks the reported jailbreak in over 99% of cases, though it also flags more routine coding requests as false positives.
- Mythos 5 access has been restored to a select group of U.S. organizations that operate and defend critical infrastructure, with broader Glasswing partner access still being coordinated with the government.
- A shared jailbreak severity framework is now being co-developed by Anthropic, Amazon, Microsoft, and Google to give the industry a common vocabulary for evaluating and responding to future AI safety incidents.
Who should read this: AI developers, cybersecurity professionals, policy researchers, and anyone following the intersection of frontier AI and government regulation.
The Launch, the Jailbreak, and the Shutdown
Anthropic initially released Claude Fable 5 and Claude Mythos 5 on June 9, 2026. According to their original launch announcement, Fable 5’s capabilities “exceed those of any model we’ve ever made generally available,” with state-of-the-art performance in software engineering, knowledge work, vision, and scientific research. During early testing, Stripe reported that Fable 5 compressed months of engineering work into just hours, performing a codebase-wide migration of a 50-million-line Ruby repository in a single day. Without AI, it would have taken a full team over two months to complete.

Both Fable and Mythos share the same technical foundation, but they differ significantly in how they handle sensitive queries. Fable uses safety classifiers that detect when a user’s request touches high-risk domains like cybersecurity, biology, or chemistry. When a classifier triggers, the request is silently routed to Claude Opus, a less capable model, and the user is notified of the fallback. Mythos, by contrast, runs without these restrictions, which is why it’s only available to vetted partners through Project Glasswing.
Just three days after the Fable/Mythos launch, things took a sharp turn. On June 12, the U.S. Department of Commerce applied export controls to both models after Amazon researchers reported a method of bypassing Fable 5’s safeguards. The jailbreak technique prompted Fable 5 to identify software vulnerabilities and, in one case, produce code demonstrating how one of those vulnerabilities could be exploited. Because export controls prohibit foreign nationals from accessing restricted technology, and Anthropic had no way to verify user nationality in real time, the company was forced to suspend both models entirely for all users, including its own foreign national employees.
How Anthropic Won Back Access
The path from shutdown to re-deployment took 19 days and involved close collaboration between Anthropic, the U.S. government, and several major technology companies.
Anthropic’s first priority was demonstrating that the reported jailbreak didn’t reveal unique Mythos-level capabilities. According to Anthropic’s redeployment post, the company’s testing confirmed that “many less capable models, including Claude Opus 4.8, GPT-5.5, and Kimi K2.7, could identify the same vulnerabilities as Fable 5 did in the report.” When it came to the exploit demonstration, every model tested could reproduce the same behavior, including Claude Haiku 4.5 and GPT-5.4.
The core technical fix was a retrained safety classifier built specifically to target the prompt-framing technique described in the Amazon report. According to Infosecurity Magazine, the new classifier blocks the reported jailbreak technique in over 99% of cases. The trade-off, as Anthropic acknowledged, is that it also falsely flags benign requests more often during routine coding and debugging tasks. When a request is flagged, it’s automatically rerouted to Opus 4.8, and the user receives a notification. The Decoder reported that users had already complained the model was too restrictive during the initial Fable 5 release, and this new classifier widens the safety margin even further.
Anthropic also dispatched a team of its top scientists and engineers to Washington, D.C. to work directly with government counterparts in the Commerce Department and the Office of the National Cyber Director, according to NBC News reporting. The result was a phased rollout: the government first approved Mythos for re-deployment to U.S. organizations that operate and defend critical infrastructure, and then lifted export controls on both Mythos and Fable on June 30.
A New Framework for AI Safety Incidents
Perhaps the most significant long-term outcome of this episode isn’t the technical fix but the institutional infrastructure it’s producing. Anthropic, Amazon, Microsoft, Google, and other Glasswing partners have begun developing a shared framework for assessing the severity of AI jailbreaks. The goal is to give the AI industry a standardized way to evaluate bypass reports, rather than having each incident adjudicated from scratch under varying political and technical criteria.

According to Let’s Data Science, the proposed framework scores jailbreak findings on four axes, including capability gain (does the jailbreak exceed what existing tools can do?), breadth of gain (how many offensive tasks does it enable?), ease of weaponization (how much prompting effort is required?), and discoverability (how easily could someone independently find the technique?). This multi-dimensional approach is designed to prevent overreaction to low-severity findings while ensuring that genuinely dangerous bypasses receive urgent attention.
The framework also reflects a broader shift in how Anthropic is engaging with government. The company committed to four areas of deeper collaboration, those being expanded pre-deployment testing, information sharing about model capabilities and vulnerabilities, joint research on safety classifiers, and deeper coordination on access policies for frontier models. As CyberScoop noted, these developments are unfolding alongside a Trump administration executive order that established a voluntary framework requiring AI developers to submit advanced models for government review up to 30 days before public release.
What This Means for Developers and Users
For developers building on Fable 5, the practical implications here are important. Through July 7, Pro, Max, Team, and select Enterprise plan subscribers can use Fable 5 for up to 50% of their weekly usage limits, according to Anthropic’s redeployment announcement. After that, Fable 5 will only be available through usage credits. Access via AWS, Google Cloud, and Microsoft Foundry is being re-enabled on a rolling basis.
For the broader AI ecosystem, this episode establishes a weighty precedent. It’s the first time a frontier model has been subjected to and released from government export controls based on cybersecurity concerns. The fact that it was resolved through technical remediation and institutional collaboration, rather than a prolonged legal or political standoff, suggests a method for how future incidents might be handled. But it also raises questions about access equity. As Geeky Gadgets noted, the tiered access system gives priority to corporate clients and government agencies while smaller businesses and independent developers face more limited availability.
Frequently Asked Questions
Claude Fable 5 is Anthropic’s most capable publicly available AI model, released on June 9, 2026. It shares its underlying architecture with Claude Mythos 5, but it’s equipped with safety classifiers that block or reroute queries in high-risk domains like cybersecurity and biology. When those classifiers trigger, the request is silently handed off to Claude Opus 4.8, a less capable but still powerful model.
Claude Mythos 5 is the unrestricted version of the same frontier model that powers Fable 5. Because it lacks the safety classifiers applied to Fable 5, it can find and exploit software vulnerabilities more effectively than nearly any other tool available. Anthropic restricts access to Mythos 5 exclusively to vetted organizations participating in Project Glasswing for defensive cybersecurity work.
Project Glasswing is Anthropic’s initiative to secure the world’s most critical software using Claude Mythos. Launched in April 2026, it brings together organizations like Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, and Palo Alto Networks. The program has since expanded to approximately 200 organizations across 15+ countries, including NATO and the EU’s cybersecurity agency, ENISA. Anthropic committed up to $100 million in usage credits to support the initiative.
Export controls are government regulations that restrict the transfer of sensitive technologies to foreign nationals or foreign countries. In this case, the U.S. Department of Commerce applied export controls to Fable 5 and Mythos 5 on June 12, 2026, effectively barring any foreign national from accessing either model. Because Anthropic couldn’t verify user nationality in real time, this forced a complete global suspension.
A safety classifier is a smaller, specialized AI system that monitors interactions with a large language model. It evaluates incoming requests in real time and determines whether they touch on potentially dangerous topics. If the classifier flags a request, the model either blocks the response or routes it to a less capable model. Anthropic’s new classifier for Fable 5 specifically targets the jailbreak technique reported by Amazon researchers and blocks it in over 99% of cases.
A jailbreak refers to a technique that bypasses an AI model’s built-in safeguards, causing it to produce outputs it was designed to refuse. In this case, Amazon researchers found a prompting method that caused Fable 5 to identify software vulnerabilities and demonstrate how one could be exploited, behaviors that its safety classifiers were supposed to prevent. Anthropic’s investigation found that the technique only accessed routine defensive cybersecurity behaviors, not unique Mythos-level offensive capabilities.
It’s a proposed industry standard, being co-developed by Anthropic, Amazon, Microsoft, and Google, for evaluating how serious a given AI jailbreak actually is. The framework scores findings on four dimensions: how much new capability the jailbreak unlocks, how many offensive tasks it enables, how much effort is required to weaponize it, and how easily someone could discover the technique independently. The goal is to create a shared vocabulary so that AI companies and governments can respond to future bypass reports consistently and proportionally.
Other Enterprise AI Articles You May Be Interested In
GPT 5.6 Sol, Terra, and Luna: A Complete Guide to OpenAI’s New Model Family
Micron’s AI-Driven Boom: How HBM4 Chips Are Fueling a 700% Stock Rally
Big Tech’s $2.7 Trillion AI Reckoning: What Investors Need to Know
OpenAI Enters the Chip Game: Everything You Need to Know About Jalapeño
