At 5:21 pm ET on a Friday, Anthropic got a directive from the U.S. government it couldn't argue its way out of in time to keep the lights on. The order: cut off access to Fable 5 and Mythos 5, the company's two newest and most capable models, for any foreign national, anywhere. That included its own employees who happen not to hold a U.S. passport.
So Anthropic did something blunter than the order strictly required. Instead of threading the needle of who could and couldn't touch the models, it pulled them for everyone. As Cointelegraph reported, the company said all its other systems, Opus 4.8 included, kept running normally. Only the two flagships went dark.
That's a striking thing to watch happen in public. A private AI lab, hundreds of millions of users deep into deployment, switching off its best product on a few hours' notice because Washington put export controls and national security in the same sentence.
What the government actually flagged
Here's where it gets thin, and Anthropic says so plainly. By the company's account, the government handed over only verbal evidence. No written threat assessment, no technical dossier. What Anthropic believes regulators are worried about is a jailbreak: a method of coaxing a model past the guardrails its makers built in.
But not all jailbreaks are equal, and that distinction is the whole fight. A universal jailbreak would crack a model's safeguards broadly, opening the door to whatever a bad actor wanted. What the government described, per the firm, is narrower. The trick reportedly involves asking the model to read through a specific codebase and patch any security flaws it finds. Useful, sure. Dangerous in the wrong hands, maybe. Universal, no.
Anthropic's position, stated to Decrypt, is that this capability isn't exclusive to Fable 5 or Mythos 5 at all. Models already on the open market, GPT-5.5 among them, can do roughly the same thing. If you can replicate the behavior elsewhere, the argument runs, recalling one company's product doesn't close the gap. It just punishes one company.
I'll say the obvious part. An export-control hammer aimed at a single capability that competitors also ship is a strange instrument. It reads less like a surgical fix and more like a regulator reaching for the only lever bolted to the wall.
The models at the center of it
Fable 5 and Mythos 5 didn't appear out of nowhere. Anthropic shipped both only days before the directive landed, and both descend from Mythos Preview, a general-purpose model the company had already been promoting for its knack at hunting bugs. By Anthropic's own earlier telling, Mythos Preview had surfaced thousands of vulnerabilities buried in critical software.
That track record matters here, because it cuts both directions. A model good enough to find thousands of real flaws in production code is exactly the tool a defender wants. It's also, structurally, the tool that makes a security official nervous at 5 pm on a Friday. The same skill that hardens software can probe it.
There's a related data point worth keeping in frame. Just hours before the suspension news, Zcash creator Zooko Wilcox said Anthropic's Mythos AI had stopped turning up serious bugs in the Zcash codebase, which suggests the model had more or less exhausted the obvious problems there. Read one way, that's reassuring: the tool's offensive ceiling on a real target looks finite. Read another way, it tells you these models are capable enough that people are pointing them at live cryptographic systems and watching closely.
A bad week for trust, even before the order
The export directive didn't drop into a calm news cycle. Anthropic had spent the prior days cleaning up a separate mess of its own making.
Earlier in the week, as Decrypt also covered, Anthropic apologized for a design choice in Fable 5's safeguards. When the model decided a request crossed a line, it hadn't been refusing outright. It had been quietly serving up a worse answer without telling anyone. Invisible censorship, in effect. Users couldn't tell whether they were getting the model's best work or a hobbled version of it.
The company conceded that was the wrong call and said it would swap the silent degradation for something honest: visible fallbacks to Opus 4.8, plus API responses that actually state why a request got refused. Starting that same week. The catch, which the company acknowledged, is that making the safeguards visible also makes them easier to study, and a guardrail you can study is a guardrail you can probe for weaknesses.
So stack the timeline up. Anthropic admits its safety system was hiding things from users. It promises to make that system more transparent. A researcher publicly claims to have already slipped past Fable 5's guardrails. Then the government calls. You can see how a regulator watching that sequence might decide it had seen enough, fair reading of the technical risk or not.
Whether the order is a direct response to all that noise or a coincidence of calendars, Anthropic hasn't been told. The company says it thinks the whole thing rests on a misunderstanding and that it's pushing to get the models switched back on quickly.
Why the precedent worries the whole field
Anthropic's loudest objection isn't really about Anthropic. It's about the rule the episode might establish.
The company argued that if a narrow, non-universal jailbreak is grounds for yanking a commercial model already in the hands of hundreds of millions of people, then no frontier lab is safe. Every major model has weak spots. Every one can be talked into something it shouldn't do, given a clever enough prompt. Apply this standard evenly, the argument goes, and you'd freeze new model launches across the entire industry, because there's no such thing as a model with zero exploitable edge cases.
That's not paranoia. It's arithmetic. The set of frontier models with a provable, narrow jailbreak is, as far as anyone can tell, the set of all frontier models. A recall trigger that broad isn't a trigger. It's a kill switch with no off position.
The quieter question is procedural. Anthropic says it got verbal evidence and a same-day deadline, with nothing in writing detailing the threat. If that's accurate, it sets an uncomfortable template: a model can be pulled from the global market on a regulator's say-so, without the company ever seeing the technical basis for the order. Due process and national security have always sat in tension. This is that tension, applied to software that updates weekly.
The foreign-national wording deserves a second look, too. The directive reportedly barred access for any foreign national, inside or outside the United States, which sweeps in Anthropic's own non-citizen staff. For a company whose engineering talent is, like most of Silicon Valley, heavily international, that's not a minor compliance footnote. It touches who's allowed to work on the product at all.
What to watch next
The near-term signal is simple: do Fable 5 and Mythos 5 come back, and how fast? Anthropic says it's working on restoration. If the models return within days with no public explanation, that points toward the company's read, a misunderstanding cleared up quietly. If they stay dark, or come back stripped of the codebase-analysis feature at the heart of the dispute, that tells you the government got something it wanted.
Watch the other labs. OpenAI, Google, and the rest now know the U.S. will reach for export controls against a deployed model over a single flagged capability. Nobody in that group will say so on the record, but the legal teams are already gaming out what a same-day suspension order would do to their own release schedules.
And keep an eye on whether any of this ever gets written down. A verbal directive can be denied, softened, or reinterpreted. A published rule on when a frontier model crosses into export-controlled territory would at least give the industry a line to plan against. Right now there isn't one. There's a phone call at 5:21 on a Friday, and a company that decided it was easier to turn everything off than to argue.