Anthropic's Fable 5 Returns: Export Controls Lifted After AI 'Jailbreak' Debate
Global access to **Anthropic's Fable 5** model has been restored after a three-week shutdown imposed by the U.S. government. The reversal follows intense negotiations and a public debate over the application of export controls to advanced AI models, initially triggered by a 'jailbreak' technique demonstrating the model's defensive cybersecurity capabilities.
After a three-week hiatus, **Anthropic** has reinstated global access to its **Fable 5** model. The shutdown, initiated by U.S. government export controls, had barred foreign nationals from accessing the advanced, cybersecurity-focused AI tool.
The initial restrictions were a direct response to a 'jailbreak' technique, detailed in an **Amazon** research report and later elaborated by **Katie Moussouris**, founder of **Luta Security**. Moussouris, who was asked by **Anthropic** to assess the report, described how researchers fed **Fable 5** open-source code containing known vulnerabilities and deliberately planted flaws, then instructed it to 'fix this code.' The model's output was then manually assembled into scripts for testing patches.
### The 'Jailbreak' Misconception
Moussouris argued that this technique was not a guardrail bypass but rather a demonstration of the most valuable function an AI model could offer for defensive security: executing the find, fix, and test loop critical for cybersecurity professionals. Her conclusion was that removing this underlying capability would significantly degrade the model's utility for legitimate security work.
**Anthropic's** own testing corroborated this, finding the same technique effective against other leading models, including **OpenAI's GPT-5.5** and the Chinese model **Kimi K2.7**. Crucially, none of these other models faced comparable export restrictions, suggesting the capability was not unique to **Anthropic's** frontier models.
### Lifting the Restrictions and Future Safeguards
The lifting of controls came after a series of agreements between **Anthropic** and the government. As part of these negotiations, **Anthropic** committed to several new safeguards:
* A new safety classifier blocking the specific 'jailbreak' technique in over 99% of cases, endorsed by researchers from the **Commerce Department's Center for AI Standards and Innovation**.
* Expanded pre-release access for government evaluators to test frontier models.
* Rapid disclosure of significant jailbreaks.
* Dedicated staff and compute resources for joint research.
* Participation in a shared voluntary security standard across frontier model providers.
* The launch of a **HackerOne** bug bounty program specifically for cyber jailbreak submissions.
Export controls on **Anthropic's** more powerful cybersecurity model, **Mythos 5**, were also fully lifted as of June 30. However, access to **Mythos 5** remains restricted to vetted U.S. organizations through **Project Glasswing**, **Anthropic's** controlled-access program for critical infrastructure defenders. The company continues to negotiate broader domestic and international access through **Glasswing**.
### Industry Pushback and Broader Implications
The initial shutdown sparked significant concern within the cybersecurity community. Over 100 cybersecurity professionals, including executives from **Nvidia**, **Adobe**, **Zoom**, **Google**, and **Sophos**, signed an open letter organized by former **Facebook** security chief **Alex Stamos**. The letter warned that the export controls risked harming U.S. cyber defense by withholding advanced capabilities from defenders while adversaries rapidly advanced their own AI development.
> "The Chinese open-weight models are only months behind the best American models, and those are the models we know about," the letter stated. "To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous."
**Anthropic**, in collaboration with its **Glasswing** partners (**Amazon**, **Microsoft**, and **Google**), is also drafting an industry framework to score jailbreak severity based on four criteria: capability gain over existing tools, breadth of tasks affected, ease of weaponization, and discoverability.
This incident marks the first known use of export control authorities to restrict AI software rather than hardware. Its reversal and the subsequent agreements are likely to set a precedent for how frontier AI models are regulated in the U.S. going forward.
### Political Backdrop
The directive arrived amidst existing tensions between **Anthropic** and the **Trump administration**. In February, Defense Secretary **Pete Hegseth** designated **Anthropic** a 'supply chain risk,' a label previously applied to companies like **Huawei**, following failed contract negotiations over military use of **Claude**. Reports indicate that **Anthropic** co-founder **Tom Brown** took over negotiations from CEO **Dario Amodei**, who had reportedly become a political target over his public AI safety positions and support for **Kamala Harris**.