On June 9, 2026, Anthropic released Claude Fable 5, the most capable model it has ever made publicly available. Seventy-two hours later it was gone, pulled offline worldwide along with its restricted sibling Mythos 5, after the US government issued a national-security export-control order.
In between, a red-teamer declared the model "liberated," Amazon researchers quietly raised an alarm with the Treasury Department, and a Friday-evening letter from the Commerce Secretary forced one of the most abrupt frontier-model shutdowns the industry has seen.
The story moved fast and the framing got loose. This is a fact-checked breakdown: what is verified, what is contested, what is just hype, and what it actually means for anyone who builds on AI.
A quick note on method. We ran a multi-source sweep and then adversarially fact-checked the load-bearing claims against independent reporting. Where a claim rests on a single source or a partisan one, we say so. We do not reproduce any jailbreak content, exploit code, or system prompts here. This is reporting, not a how-to.
The 72-Hour Timeline
| When | What |
|---|---|
| June 9 | Anthropic launches Fable 5 (public, safeguarded) and Mythos 5 (restricted), its two most capable models. |
| June 10 | Red-teamer "Pliny the Liberator" publicly claims a jailbreak, posts screenshots and an alleged system prompt. |
| June 11-12 | Amazon researchers' concerns reach the US government. Outlets pick up the dispute. |
| June 12, 5:21 PM ET | Commerce Secretary Howard Lutnick sends Anthropic a letter imposing export controls on both models. |
| June 12, late night | Anthropic disables Fable 5 and Mythos 5 for every user worldwide to comply. |
| June 13 | Major outlets confirm the shutdown. Anthropic calls it a "misunderstanding" and says it is working to restore access. |
Three days, launch to global blackout. Every other Claude model, including Opus 4.8, Sonnet, and Haiku, stayed online the entire time.
First, What Are Fable 5 and Mythos 5?
A lot of the coverage blurred these two together, so let us be precise, because the distinction is the crux of the whole story.
Here is the part most people got wrong: Fable 5 and Mythos 5 are the same underlying weights. Mythos 5 is that model with its safeguards lifted in some areas, and it is not generally available. It ships in limited release through a program called Project Glasswing, to a small group of cyberdefenders and infrastructure providers, in collaboration with the US government. Fable 5 is the public, safeguarded version of those same weights, the one Anthropic felt comfortable shipping to everyone. We broke down the launch, benchmarks, and pricing in Claude Fable 5: Anthropic's Most Powerful Public Model, and the lineage traces back to the March 2026 Mythos leak (codename Capybara).
The safeguard is the key technical detail. Fable 5 ships with safety classifiers that watch for requests in high-risk areas, primarily cybersecurity, biology and chemistry, and model distillation. When a classifier flags a request, the response is automatically handled by the older, less capable Claude Opus 4.8 instead of by Fable 5. Anthropic says this fallback triggers in fewer than 5 percent of sessions, and that before launch an external bug bounty ran more than 1,000 hours without finding a universal jailbreak.
This shared-weights design is why the framing "a jailbroken Fable 5 is basically Mythos 5" is not nonsense. Strip Fable's guardrails and what is underneath is the same model Anthropic restricts as Mythos 5. The fair correction is narrower: a jailbreak does not hand anyone the separately gated, government-restricted Mythos 5 endpoint or its access program. It just makes the public model behave less like its safeguarded self.
The Viral Claim: "Pliny the Liberator"
Within about a day of launch, an independent red-teamer who goes by Pliny the Liberator announced on X that he had bypassed Fable 5's guardrails. The posts were celebratory, "FABLE-5: LIBERATED" and "ANTHROPIC: PWNED," and included screenshots of what he said were restricted outputs plus what he described as the model's roughly 120,000-character system prompt, shared to X and a public code repository.
He described the approach only at a high level: a coordinated, multi-step strategy combining several known technique families. We are not going to enumerate them, and it does not matter much for the story, because here is the part that got lost in the hype:
No reporter independently verified that the dangerous outputs were real. The screenshots are the researcher's own account. And there is no evidence that Fable 5 was ever used in an actual attack. A public claim of a jailbreak is not the same thing as a confirmed, reproducible, harmful capability, and the two were constantly conflated.
The Thread That Probably Mattered More: Amazon
Here is the twist that the viral X thread buried. According to Wall Street Journal reporting, picked up by TechCrunch, Reuters, and others, Amazon researchers found a sequence of prompts that got Fable 5 to surface cybersecurity-vulnerability information despite its safeguards. Amazon CEO Andy Jassy raised the concern directly with Treasury Secretary Scott Bessent and other officials. Those conversations, more than a hobbyist's X post, appear to be what put the issue on the government's desk.
One detail deserves a skeptical eyebrow. Amazon is Anthropic's single largest investor, with a multi-billion-dollar partnership spanning cloud and model development. An Amazon-discovered "vulnerability" escalating through a cabinet official into a federal order that knocked its own investee's flagship models offline is a genuine conflict-of-interest angle, and a few outlets have started probing it.
There is also a widely repeated claim that the White House asked CEO Dario Amodei to patch or de-deploy the model and that he "refused." Be careful with that one. It traces to David Sacks, the administration's former AI czar, posting on X, and TechCrunch explicitly noted it could not independently verify the account. Anthropic has not confirmed it. File it under "alleged," not "fact."
The Government Order, Precisely
The popular version is "the White House ordered Anthropic to shut everything down." The accurate version is more specific, and the specifics change what the story means.
Who issued it. Not the White House directly. The formal instrument was an export-control directive from the Commerce Department, delivered in a letter from Secretary Howard Lutnick to Dario Amodei, received at 5:21 PM ET on Friday, June 12. The administration is tied to the decision at a policy level, but the issuing body is Commerce.
What it actually required. A government license for the export, re-export, or domestic transfer of Fable 5 and Mythos 5, and suspension of access for any foreign national, inside or outside the United States. Anthropic's own statement says this extended even to its foreign-national employees, though that specific framing is Anthropic's characterization of the order's scope.
Get the Weekly IT + AI Roundup
What changed this week in NinjaOne, ServiceNow, CrowdStrike, and AI. One email, every Monday.
No spam, unsubscribe anytime. Privacy Policy
Why everyone lost access, not just foreigners. This is the crucial nuance. The order targeted foreign nationals. The total global blackout was Anthropic's own compliance decision, because it has no reliable way to screen users by nationality in real time through its API. Faced with an unenforceable line, it switched both models off for everyone. So "forced to block all public access" is true as a net effect, but the order itself did not demand that. Anthropic chose the blunt instrument over the impossible one.
No statute named. Coverage uniformly describes "national-security export-control authorities" without citing the specific law or executive order, and Anthropic says the letter gave no technical detail of the concern. An administration official told Axios the models need to stay "locked down" until the government's national-security apparatus is "hardened," possibly a few weeks. The Information reports the control is unlikely to be extended to other AI companies.
Anthropic's Side
Anthropic complied and pushed back hard at the same time. Its argument, across an official statement and a spokesperson response to SecurityWeek, runs like this:
- ●What was demonstrated was a narrow, non-universal technique, not a true jailbreak of its core safeguards.
- ●Its strongest protections run as independent classifiers separate from the model, so getting the model to keep talking does not disable them.
- ●Some of the shared outputs were not produced by Fable 5 at all, and the rest contained only general information already available in public sources, with "no meaningful uplift" for real-world harm.
- ●The vulnerabilities looked "relatively simple," and other public models surface the same information without any bypass.
In its sharpest line, the company said it disagrees "that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people," and warned that this standard, applied broadly, could stall frontier-model deployment across the industry.
Two honest caveats. The detailed "not produced by Fable 5 / only public info" rebuttal traces mainly to a single bylined source. And Anthropic separately apologized for an unrelated issue, a guardrail that had been silently degrading some outputs, which complicates its "everything worked as designed" framing.
Verified vs Hype: The Scorecard
If you only remember one section, make it this one.
| Claim | Verdict |
|---|---|
| Fable 5 launched June 9, pulled worldwide by June 12 | Verified |
| A Commerce export-control order (Lutnick letter) triggered the shutdown | Verified |
| The order targeted foreign nationals; Anthropic extended it to everyone by choice | Verified |
| Amazon researchers found a bypass and Jassy escalated it to Treasury | Verified (WSJ and others) |
| Pliny publicly claimed a jailbreak within ~24 hours | Verified as a claim |
| The jailbroken outputs were real and dangerous | Unconfirmed (never independently verified) |
| "The White House ordered the shutdown" | Imprecise (it was Commerce) |
| "Fable 5 became an unguardrailed Mythos 5" | Loose but rooted in truth (shared weights, not a separate endpoint) |
| "Amodei refused to patch it" | Single partisan source (unverified) |
The skeleton of the story is solid. The weakest links are the claims that lean on one source: the never-verified dangerous outputs, and the "Dario refused to patch" line that traces to a single partisan post.
The Real Lesson: Model Concentration Is a Risk You Can Price
Strip away the politics and there is a practical takeaway that has nothing to do with Anthropic specifically. A frontier model that hundreds of millions of people and countless products depended on went from available to gone in the span of one Friday evening, for reasons entirely outside any customer's control. No outage you caused. No bug you shipped. No warning.
If your product, agent, or workflow was hard-wired to a single model from a single provider, your options that night were: error out, or fall back to something weaker and hope it held. That is model concentration risk, and the Fable 5 episode is the cleanest illustration of it yet. The threat to your stack is not only price changes or quality regressions. It is regulatory action, safety incidents, and geopolitics, none of which show up in a benchmark.
You cannot prevent another government letter. You can absolutely make sure it does not take you down with it.
- ●Abstract the model layer. Route through an interface where swapping the underlying model is a config change, not a rewrite.
- ●Keep a tested cross-provider fallback. Not a model you "could" switch to in theory, one you actually run traffic through on a schedule so you know it works.
- ●Do not hard-code one model name. Match the model to the task, and keep a runner-up from a different provider for each critical path.
- ●Track policy and availability risk, not just quality and cost. A model can be excellent and still be one regulatory decision away from disappearing.
- ●Own your prompts and evals. If your prompts and test suite are portable, switching providers is an afternoon. If they are entangled with one model's quirks, it is a project.
This is the entire reason LLM Match Maker exists. Picking an AI model is not a one-time "which is best" decision. It is an ongoing fit-and-resilience decision, across a field that can change overnight, sometimes for reasons no spec sheet predicts.
Where This Goes Next
As of this writing the models are still dark, Anthropic is "working to restore access," and the administration is signaling a containment window measured in weeks rather than a permanent ban. Expect a quieter relaunch, possibly with tighter classifiers, and expect every other lab to read this as a preview of how fast a frontier model can be regulated off the market.
For everyone building on top of these systems, the meta-lesson outlasts the news cycle. The most capable model is not always the most available one. Design for the day your favorite model is not there.
Sources:
- ●Anthropic: suspending access to Fable 5 and Mythos 5
- ●Anthropic: introducing Claude Fable 5 and Mythos 5
- ●SecurityWeek: Anthropic disputes Fable 5 AI jailbreak
- ●TechCrunch: Amazon CEO reportedly raised Anthropic model concerns before government crackdown
- ●Axios: Anthropic, Trump administration, Mythos and Fable national security
- ●CNN Business: Anthropic Mythos model national security
- ●Fortune: Anthropic disables Fable and Mythos over export controls
- ●Washington Examiner: Amazon researchers use Anthropic AI to find cybersecurity weaknesses
*Not sure which AI model fits your work, or which one you could fall back to if your favorite vanished on a Friday night? Take the free 2-minute quiz and get matched.*
*Want to go deeper on the Claude lineup and how the tiers actually differ? See the full Fable 5 launch breakdown, compare it head to head on our model comparison, or start with the Claude Mastery course.*