Anthropic shuts down AI models Fable 5 and Mythos 5 worldwide following US order

Fable 5 has been available as a public variant since the beginning of the week, based on the Mythos technology but with cybersecurity and biotechnology capabilities deliberately blocked. Mythos 5 is considered a non-public full version and was previously used only by US agencies and selected industry partners to close security vulnerabilities in their systems. A test by the editorial team confirmed that Anthropic places a Classifier in front of the actual model and in some cases falls back on the previous model Opus 4.8 for sensitive inputs.

According to the company, the trigger for the export restriction is the US government's suspicion that a method exists to circumvent Fable 5's protective mechanisms and thereby gain access to Mythos's full cybersecurity capabilities. Anthropic disputes this picture: it examined a demonstration of the contested technique and found "lediglich eine kleine Zahl bereits bekannter, geringfügiger Schwachstellen gefunden, die auch andere öffentlich verfügbare Modelle aufspüren könnten – das Unternehmen nennt in diesem Zusammenhang ausdrücklich OpenAIs GPT-5.5.

Allegation: purported jailbreak and Anthropic's response

Anthropic describes the contested technique as a verbally communicated, potentially non-universal jailbreak. At its core, it involves instructing the model to read a specific codebase and fix software bugs. A universal jailbreak that fundamentally defeats Fable 5's protective mechanisms has not been found to date. At the same time, the company disagrees with the view that "ein einzelner potenzieller schmaler Jailbreak den Widerruf eines kommerziellen Modells mit Hunderten Millionen Nutzern rechtfertige".

Behind the escalation lies a longer-running conflict between Anthropic and the Pentagon. As the company portrays it, the dispute centered on its refusal to "Claude uneingeschränkt für massenhafte inländische Überwachung und vollautonome Waffensysteme freizugeben". In early March 2026, the US Department of Defense subsequently classified Anthropic as a "supply chain risk" – a category that significantly complicates the use of the company's software in government agencies. Anthropic is suing over this classification.

Conflict with the Pentagon: from the supply chain risk classification to lawsuit

Legally, the order is based, according to the company, on 10 U.S.C. § 3252, a narrowly tailored provision for specific supply chain risks in national security systems. This requires the department to explain why less intrusive measures are not reasonably available. Anthropic criticizes that the US agency has not provided any concrete technical details regarding the cited national security concerns and has only transmitted references to a limited security issue.

CEO Dario Amodei stated in a blog post that the company considers the "supply chain risk" classification legally untenable and wants to challenge it in court. The company describes the measure as a "Missverständnis" and is working on restoring access. Anthropic announced that it would restore access "so bald wie möglich wieder herzustellen" and apologized to users for the service interruption.

According to the company, the security safeguards for Fable 5 had previously been tested in thousands of hours of red-teaming – together with the US government, the UK AI Safety Institute (UK AISI), private organizations, and internal teams. "Die Ergebnisse hätten deutlich über denen früherer Modelle gelegen," according to Anthropic. A fully independent audit, for example by European research institutions, is not documented at present: there was no complete disclosure of the protective logic or the internal classifier architecture.

Defense-in-Depth and Red-Teaming: How well is Fable 5 protected?

Anthropic also points to a "Defense-in-Depth-Strategie": jailbreaks are to be either narrowly limited or very costly, supplemented by monitoring designed to quickly detect successful attacks. For Fable 5, a 30-day data retention requirement applies to enable analysis and containment of bypass attempts. At the same time, the company acknowledges that "perfekte Jailbreak-Resistenz für kein Modell erreichbar sei".

The timing is notable: only a few days before the order, Amodei had publicly advocated that governments should be able to block potentially dangerous AI software. However, Anthropic emphasizes that such an intervention must occur "auf Basis transparenter und klarer Verfahren sowie technischer Fakten geschehen. Das sei jetzt nicht der Fall". The company's current government measures do not correspond to "den Grundsätzen einer fairen und faktenbasierten Regulierung," the company stated.

The incident marks a shift in US export control policy. Previously, export restrictions focused primarily on high-performance AI chips and data centers; now AI models themselves are coming into focus of state control for the first time. Washington is increasingly treating modern AI systems as a strategic technology whose proliferation is to be monitored as strictly as other security-relevant high technologies.

International dimension: US export controls meet the EU AI Act

In Europe, regulation takes a different approach. While US export control law targets foreign trade access restrictions, the EU AI Act pursues a risk-based approach with market surveillance, transparency, and documentation obligations. In Germany, the Federal Network Agency is to become the central market surveillance authority; the corresponding draft law (KI-MIG) was passed by the Bundestag on June 11, 2026, with Bundesrat approval still pending.

IT security expert Dennis-Kenji Kipker sees considerable risk in Mythos's capabilities: "Mythos könne eine große Zahl von IT-Sicherheitsschwachstellen finden. Das könne auch von kriminellen Akteuren genutzt werden." The concern that such an AI could be used as a cyber weapon has accompanied the model since its first presentation. At the time, Anthropic considered the system "zu gefährlich für die Veröffentlichung" and restricted access to selected agencies and companies so that they could close discovered vulnerabilities before others could exploit them.

Outlook: implications for the global AI market

Observers see the conflict as a possible prelude to a greater fragmentation of the global AI market. The fact that even a US company like Anthropic, which had granted agencies early access to its most powerful models, is now being hit with export bans, points to a new level of escalation in the handling of AI as a security-relevant technology. Until a judicial clarification, Fable 5 remains shut down for the time being – the other Claude models are not affected, according to Anthropic.