Anthropic puts Fable 5 back online after 18 days of export controls
Anthropic restores Fable 5 on July 1 after the US lifted June 12 export controls over a reported jailbreak, and proposes a four-criterion industry jailbreak-severity framework with Amazon, Microsoft, and Google.
Anthropic will put Fable 5 back in front of users on July 1, ending an 18-day freeze that started on June 12 when the US Commerce Department ordered the model offline over a reported jailbreak.
The company said Fable 5 returns globally on Claude.ai, the Claude Platform, Claude Code, and Claude Cowork, with cloud marketplaces on AWS, Google Cloud, and Microsoft Foundry to follow. The model is free for up to 50% of weekly usage through July 7 for Pro, Max, Team, and select Enterprise plans, then shifts to usage credits.
The shutdown was the first time the US government used export-control authority to force a widely deployed commercial AI model offline. The order, signed by Commerce Secretary Howard Lutnick, restricted access for any foreign national, anywhere in the world, including non-citizen employees working inside the United States. Anthropic said it could not verify user nationality in real time and pulled both Fable 5 and Mythos 5 from every customer the same evening. Three days earlier the company had launched Fable 5 as the public sibling of the restricted Mythos 5, sharing the same underlying model with stronger safeguards layered on top.
Reporting from Axios and the Wall Street Journal tied the order to a finding from Amazon researchers, who reportedly bypassed Fable 5 safeguards and got the model to identify software vulnerabilities, then produced demonstration code for how one of them could be exploited. White House AI adviser David Sacks wrote on X that the government asked Anthropic to fix the issue or de-deploy the model and that Anthropic refused. Anthropic pushed back, saying it reviewed the same evidence, confirmed that less capable models such as Claude Opus 4.8, GPT-5.5, and Kimi K2.7 could reach the same result, and that the underlying technique did not expose any Mythos-level capability unique to the new architecture. The company framed the order as a standard that, if applied industry-wide, would halt frontier releases outright.
What the redeploy day actually looks like for users
The redeploy is a notable win for Anthropic, which had argued from the start that the export-control order was disproportionate to the technical risk involved. The company also won a reputational point on the specifics. Its own testing showed that the reported technique did not expose any unique Mythos-level cyber capability, and the model in question was the public Fable 5, not the restricted Mythos 5 that was the actual subject of the order. The closed loop between Amazon and Anthropic, both investors in the same cloud and AI ecosystem, is the subtext that will likely shape how the next round of jailbreak reporting plays out. Amazon is one of Anthropic's largest investors and a major cloud partner, and the fact that Amazon researchers produced the report that triggered the order makes the relationship unusual on its face. Anthropic did not name Amazon in its own post. Yahoo Finance and the Wall Street Journal named Amazon in their reporting, citing people familiar with the matter. The open question for buyers and operators is whether the new industry framework will end up differentiating between reports that come from commercial partners with skin in the game and reports that come from independent red teams. Anthropic's proposed discoverability criterion is a first cut at that question, but it does not resolve the conflict of interest problem directly.
For product teams, the practical changes are smaller and easier to action. Fable 5 becomes available on Claude.ai, the Claude Platform, Claude Code, and Claude Cowork on July 1, with the 50% included-usage window running through July 7. AWS Bedrock, Google Cloud Vertex AI, and Microsoft Foundry availability is expected to follow as soon as the cloud partners complete the restoration work. Premium Enterprise seats include Fable 5 in the subscription through July 7 and need usage credits enabled for ongoing access. Standard Enterprise seats have no included Fable 5 allowance and need credits enabled from day one. The same mandatory 30-day data retention that applied to Fable 5 at launch still applies. The new jailbreak reporting channel via HackerOne is the second practical change. It is a researcher-facing channel, not a customer-facing one, but it will shape the next round of safety incidents.
The new Fable 5 classifier and the safety-margin tradeoff
Anthropic did not push back alone. The company said it built a new safety classifier that blocks the specific Amazon technique in over 99% of cases, and routes flagged requests to Claude Opus 4.8 with a user-visible notice. The fix comes at a cost. Anthropic acknowledged in the same post that the tighter classifier will misclassify more benign requests during routine coding and debugging, the same trade the company made at launch when it widened the safety margin on Fable 5 to keep defensive cybersecurity work out of reach of the model. The wider margin is the explicit reason Fable 5 is missing routine defensive security capabilities that every other tested model can produce.
The bigger news is the framework Anthropic is proposing for the rest of the industry. The company said it is working with Amazon, Microsoft, Google, and other Glasswing partners on a four-criterion severity scale for AI jailbreaks. The first two criteria cover what the jailbreak gives an attacker. Capability gain measures how far beyond existing tools the unblocked model can take the user. Breadth of capability gain measures how many distinct offensive tasks the same technique exposes at once. The second two cover how fast the technique becomes a real-world problem. Ease of weaponization measures how much skilled prompting and retry effort is required to turn the technique into an attack. Discoverability measures how easy it is for someone else to obtain the technique in the first place.
A jailbreak that hits high marks across all four would trigger immediate mitigations and a 24/7 monitoring team. Anthropic is also standing up a HackerOne program where outside researchers can submit potential cyber jailbreaks against Fable 5 once it is live. The framework is a work in progress, and Anthropic said the four criteria are expected to evolve as more partners weigh in. The company framed the goal in plain terms: developers need a shared way to triage new findings, governments need a shared way to decide when to act, and the gap between the two has been the single largest source of friction in the past 18 days.
Glasswing expansion and the deeper government work
The jailbreak framework is the most concrete part of the post, but the bigger story is the new government collaboration track. Anthropic committed to four specific steps. First, pre-release government access and evaluation: for any model that materially advances the capability frontier in national-security-relevant areas, Anthropic will give designated government partners expanded early access to both the model and its safeguards, with Anthropic technical staff embedded alongside government evaluators during the testing period. Second, rapid information sharing on safeguards: when significant jailbreaks or misuse patterns are identified, Anthropic will investigate, triage, and notify government counterparts, and will share the new safeguards it builds so they can be independently tested. The company will also feed threat intelligence into the interagency vulnerability clearinghouse established under section 2(d) of the June 2 executive order on AI security.
Third, dedicated resources for joint research: Anthropic will stand up dedicated internal teams to work on shared government priorities, allocate a significant compute block to support government testing and research, and make its safety and red-teaming expertise available to advance the state of the art in AI evaluation. Fourth, a common industry bar: the company will work with the government and other frontier labs toward a shared, voluntary security and evaluation standard, and will contribute evaluations, tooling, and best practices that the government can apply across the field. The four commitments build on roughly two years of pre-existing pre-deployment collaboration with US government partners.
The Mythos 5 expansion is already moving. Anthropic confirmed Mythos 5 access was restored on June 26 for a set of US organizations after the government gave its approval, and said it is coordinating to expand access to the broader set of domestic and international partners in the Glasswing program. The Mythos 5 restoration is the second concrete piece of news from the post, after the Fable 5 redeploy. The expansion of Glasswing is the third. The combination is what makes the post the biggest shift in the US government's posture on frontier AI in the past two years. The government gave back the export-control lever, in exchange for a much more structured pre-release collaboration agreement, and a multi-lab industry framework that any new jailbreak can be measured against.
Anthropic's full "Redeploying Fable 5" post is the primary source. The earlier Anthropic Fable 5 suspension coverage is the prior AIntelligenceHub reporting on the same fight. The wider export-control and government-collaboration story is also covered by the AIntelligenceHub AI policy resource page.
Weekly newsletter
Get a weekly summary of our most popular articles
Every week we send one email with a summary of the most popular articles on AIntelligenceHub so you can stay up-to-date on the latest AI trends and topics.
Comments
Every comment is reviewed before it appears on the site.
Related articles
Anthropic ships Claude Sonnet 5, narrowing the gap to Opus
Anthropic shipped Claude Sonnet 5 on June 30, 2026, the most agentic Sonnet yet, with close-to-Opus capability, $2 per million input intro pricing, and the same cyber safeguards as Opus 4.7.
Brookfield and Bloom Energy scale AI power deal to $25B
Brookfield lifted its AI infrastructure fuel cell finance framework with Bloom Energy from 5B to 25B, a fivefold expansion of their October 2025 deal.
Cisco ships the multiagent architecture behind Policy Studio
Cisco published a deep dive on the orchestrator-plus-subagent architecture behind Policy Studio, the AI assistant the company added to Cisco AI Defense at Cisco Live Las Vegas earlier this month.