The code that scared Washington: Why Anthropic's latest AI was pulled back

# Tech Desk
Anthropic website
Anthropic website

Anthropic has suspended access to two of its most powerful new AI tools after the United States government issued an emergency national‑security order, amid fears the systems could be exploited for cyber‑attacks and software "jailbreaking".

In early June, Anthropic publicly launched Fable 5 and prepared a wider rollout of Mythos 5, a pair of advanced Claude‑family models pitched as frontier‑level systems for coding, cybersecurity analysis and complex automation.

Fable 5 was marketed as Anthropic's most capable general‑purpose model to date, with greatly improved reasoning and code‑generation abilities compared with earlier Claude versions, and was made available to enterprise customers and developers just days before the suspension.

Mythos 5 (and a previous "Mythos Preview") was explicitly aimed at security and systems analysis: Anthropic itself had already warned in April that Mythos could detect and exploit software vulnerabilities at a scale that "raised concerns in Washington", and it initially restricted that model’s release.

The commercial potential was obvious

For companies and governments, these tools promised far more powerful code assistants, automated penetration testing, large‑scale incident response and complex "agent" workflows built on Anthropic's Model Context Protocol, which lets models plug directly into live data sources and tools.

For developers, they were a step toward AI systems that can independently explore large codebases, refactor legacy software and probe security weaknesses faster than human teams.

That same capability, however, is exactly what spooked US national‑security officials.

How US government forced a full shutdown

Late on Friday, the US Commerce Department, citing national‑security officials, issued an export‑control style directive to Anthropic.

According to Anthropic's public statement and press reports, the order banned access to Fable 5 and Mythos 5 for all foreign nationals, whether they were inside or outside the United States -- including foreign employees of Anthropic itself.

Because Anthropic runs these models as centralized cloud services and could not practically segment usage by citizenship on short notice, it said it was forced to suspend the models entirely for all customers to remain compliant.

Anthropic described the directive as an "export control order" tied to national security, and said it had "no choice" but to pull the models while it worked with regulators on a narrower access regime.

This all comes against a broader policy backdrop. Earlier in June, President Donald Trump signed an AI safety executive order asking leading companies to voluntarily submit their most powerful models for government cybersecurity testing up to 30 days before public release.

The White House move followed internal alarms about Anthropic's Mythos line, which some officials warned could "find vulnerabilities in the world's software" at unprecedented speed.

In short, Fable 5 and Mythos 5 were caught at the intersection of rapidly advancing capability and a US security establishment that had just built new levers to slow or shape deployment.

What exactly worried US security officials?

The heart of the government's concern, by Anthropic's own account, was that they had become aware of a specific method to "jailbreak" Fable 5 and potentially-related systems.

Multiple outlets, citing Anthropic and US officials, describe three main risk clusters:

1. Jailbreaking and bypassing safeguards: Anthropic said its "understanding is that the government believes it has become aware of a method of bypassing, or ‘jailbreaking’, Fable 5." Jailbreaking, in this context, means circumventing the model’s built‑in safety filters so it would generate content the company normally blocks – for example, detailed hacking instructions, malware code, or guidance on exploiting real‑world systems. US cybersecurity officials reportedly worried that such a jailbreak technique could spread among hostile actors or be traded on underground forums, turning Fable 5 into a force‑multiplier for cyber‑attacks.

2. Offensive cyber potential: Anthropic had already acknowledged that the Mythos line was powerful enough at vulnerability discovery to slow its own release. Officials in Washington warned CEOs that Mythos appeared capable of scanning for and identifying software security flaws at scale, potentially across widely used open‑source and commercial codebases. In the worst case, a hostile actor with access to such a system could find zero‑days faster than defenders can patch them, upending the current balance in cyber offense and defense. Combined with a Fable‑style jailbreak, that raised the specter of tools that not only find weaknesses but help weaponize them.

3. Export‑control and foreign access: The Commerce directive was framed as an export‑control measure, which is normally used for sensitive dual‑use technologies. By barring all foreign nationals from using Fable 5 and Mythos 5, the order treated the models much like controlled cryptography or advanced chips, on the theory that they might aid foreign cyber units or intelligence services.

The move came after months of mounting tension between the Trump administration and Anthropic, including a separate February decision in which Trump ordered all US federal agencies to stop using Anthropic AI, calling the firm a security risk after disputes over military applications.

Taken together, the message from Washington was clear -- these systems were now seen as technologies with strategic implications, not just consumer software.

What users lose while the models are offline

For enterprises, developers and researchers who had started integrating Fable 5 -- or were waiting on Mythos 5 -- the suspension means an abrupt halt to some of the most advanced capabilities Anthropic has ever shipped.

Potential and early‑stage uses included:

* Security operations and testing

* Automated code review and penetration testing of large systems.

* Simulating attacker behavior to stress‑test networks and applications.

* Prioritized vulnerability triage based on exploitation likelihood.

* Large‑scale developer productivity

* Understanding and refactoring millions of lines of legacy code.

* Generating and validating patches across distributed codebases.

* Building AI "agents" that plug into internal tools via Anthropic's Model Context Protocol, orchestrating everything from ticket systems to CI/CD pipelines.

* Advanced analysis and planning

* Complex supply‑chain and risk modelling

* Automated reasoning over mixed text, code, and logs.

* Building domain‑specific copilots in finance, law, and engineering using a single frontier model.

In practice, many of these workflows now have to fall back to older Claude models or competitors’ systems, which may be less capable – or, ironically, less vetted – than Fable 5 and Mythos 5 would have been under a structured review regime.

How this fits into the emerging AI‑security regime

The suspension of Anthropic’s new tools is also a test case for the new AI safety architecture Washington is trying to build.

Trump’s June executive order effectively invites companies to pre‑clear powerful models with government cybersecurity teams before release, in part to avoid last‑minute clampdowns like this one.

The White House shifted to a “voluntary but highly encouraged” posture rather than formal licensing, but episodes like the Fable/Mythos suspension show it is prepared to use export‑control and national‑security authorities when it feels blindsided.

From Anthropic’s side, the move is a stark reminder that once a model crosses into perceived dual‑use territory -- especially around cyber offense -- it will be treated more like a weapons‑adjacent technology than a consumer app.

The company's own positioning as a safety‑first lab, and its earlier self‑restraint with Mythos Preview, did not insulate it from rapidly escalating political pressure.

What happens next?

Anthropic has said it is working with US authorities to refine access controls and understand the precise jailbreak vector that triggered the clampdown, with a view to eventually re‑enabling the models under stricter safeguards or tiered access.

Possible next steps under discussion in Washington and industry circles include limiting the most powerful capabilities to vetted US entities or on‑premise deployments with enhanced monitoring. Besides, companies could be required yo submit detailed internal testing on cybersecurity and misuse risks alongside any request to deploy models like Mythos.

Channels could be set up where AI companies and government agencies can confidentially share information about jailbreak methods and emergent risks.

For now, though, the reality is simple: two of the most advanced AI tools yet publicly announced have been pulled back behind the lab wall, not because they failed commercially, but because US officials decided their offensive potential outweighed the benefits of immediate deployment.