After an 18-day suspension triggered by a US government export control order, Claude Fable 5 is back online globally — with a new safety classifier targeting the bypass technique that prompted the shutdown.

Anthropic has restored global access to Claude Fable 5, its latest general-purpose model, following the lifting of US export controls that had forced a full suspension of the model since mid-June. [1]

The US government applied export controls to both Claude Fable 5 and Claude Mythos 5 on June 12, requiring Anthropic to restrict access to foreign nationals. [1] Because the order took effect immediately and Anthropic had no reliable way to verify nationality in real time, the company suspended access for all users rather than attempt partial enforcement. [1]

The export controls were lifted on June 30, and Fable 5 became available on July 1 to users globally across the Claude Platform, Claude.ai, Claude Code, and Claude Cowork. [1] For Pro, Max, Team, and select Enterprise plan subscribers, Fable 5 is included for up to 50% of weekly usage limits through July 7, after which it will be available via usage credits. [1] Anthropic said it will re-enable access on AWS, Google Cloud, and Microsoft Foundry “as quickly as possible.” [1]

The export control directive was triggered after Amazon researchers published a report describing a method of bypassing Fable 5’s safeguards — specifically, a prompting technique that caused the model to identify software vulnerabilities and, in one case, produce code demonstrating how a vulnerability could be exploited. [1]

Anthropic’s own testing found that the behavior was not unique to Fable 5. The company said several less capable models — including Claude Opus 4.8, GPT-5.5, and Kimi K2.7 — could identify the same vulnerabilities. [1] For the single exploitation demonstration, Anthropic said every model it tested produced the same output, including Claude Haiku 4.5, Sonnet 4.6, Opus 4.6, Opus 4.7, Opus 4.8, GPT-5.4, GPT-5.5, and Kimi K2.7. [1]

Anthropic also concluded that the reported technique “did not expose any unique Mythos-level cyber capabilities” and characterized the bypassed behavior as “routine defensive cybersecurity work.” [1] Nonetheless, the company trained an improved safety classifier to block the specific technique described in the Amazon report. [1] Users whose requests are blocked will be notified, and those requests will be rerouted to Claude Opus 4.8. [1]

The new classifier blocks the reported technique in over 99% of cases, though Anthropic acknowledged that in a very small fraction of cases the model may still provide information — though not at a level of detail useful to a cyberattacker. [1] Researchers from the US Department of Commerce’s Center for AI Standards and Innovation (CAISI) tested both the prior and updated safeguards and, according to Anthropic, agreed that they are “extraordinarily strong.” [1]

Anthropic cautioned that the new classifier comes with a trade-off: it flags benign requests more often during routine coding and debugging tasks. [1] The company said it will continue refining the classifier to reduce false positives. [1]

Fable 5 and Mythos 5 share the same underlying model but were released with different safeguard profiles. [1] Fable 5 launched on June 9 with what Anthropic described as the strongest safeguards it has ever applied to a model, including a deliberately enlarged “safety margin” that causes the model to block some requests that are likely benign in order to make it harder to reach genuinely harmful behaviors. [1] Mythos 5, which carries fewer safeguards, was released only to a small number of trusted partners in a program called Glasswing for use in defensive cybersecurity. [1]

Anthropic described Mythos 5 as capable of finding and exploiting software vulnerabilities “more effectively than any other model — and all but the most skilled human security experts,” making it a high-value target for potential misuse. [1] Access to Mythos 5 has been restored for a set of US organizations following government approval on June 26, and Anthropic said it is continuing to coordinate with the government to expand access to additional domestic and international Glasswing partners. [1]

On the broader question of jailbreak resilience, Anthropic said it considers it “probably impossible to make any AI model fully robust” to jailbreaks, and expects that jailbreaks of varying severity will continue to be discovered. [1] The company said no universal jailbreak for Fable 5 has been found at the time of writing, and that expert safety researchers continue to red-team the model. [1]


Sources

  1. anthropic.com — Redeploying Claude Fable 5

This article was drafted with AI from the cited sources and checked against them before publication. Spot an error? Let us know.