The Fable Blackout: Why the US Blocked Anthropic's Best AI

TL;DR:

On June 12, 2026, the US Department of Commerce ordered Anthropic to suspend access to Claude Fable 5 and Mythos 5 — just three days after launch.
The official pretext was a "jailbreak" vulnerability, but the real conflict has been building for 18 months: Anthropic refused to help the Pentagon build autonomous weapons and enable mass domestic surveillance.
For the first time in history, a government blocked a frontier AI model via export controls, setting a global precedent with consequences no one can fully predict.

The blackout nobody saw coming

At 5:21 PM on Friday, June 12, 2026, Dario Amodei, CEO of Anthropic, received a letter from US Secretary of Commerce Howard Lutnick. It was unambiguous.

The letter ordered the immediate suspension of access to the company's two most advanced models — Claude Fable 5 and Claude Mythos 5 — for any "foreign national," whether inside or outside the United States. That included Anthropic's own foreign-born employees.

Only 72 hours had passed since Fable 5 launched.

The only practical way to comply was to disable both models entirely for every user on the planet. What Anthropic described as a "draconian" measure was executed within hours. Millions of users — corporations, researchers, developers worldwide — found an error message where a state-of-the-art AI model had been.

It was the first time in history a government had blocked a frontier AI model via export controls.

Fable 5 and Mythos 5: what exactly was shut down

To grasp the magnitude of what happened, you need to understand the difference between the two suspended models — a distinction that much of the media coverage blurred.

Claude Mythos 5 is the "foundational" or "raw" model. Anthropic described it as extraordinarily capable in offensive cybersecurity — so capable that in April 2026, the company itself warned internally that Mythos was "too good at hacking systems" to be released to the public. It was only made available to a select group of US tech corporations through a program called Project Glasswing, specifically so those companies could find and patch vulnerabilities in their own critical systems. A defensive tool that turned out to be too sharp for unsupervised hands.

Claude Fable 5 was the commercial product. Launched on June 9, it uses the same underlying engine as Mythos, but with "safeguards" — guardrails — that actively block prompts attempting to exploit its offensive capabilities. On average, these filters activate in fewer than 5% of sessions. When a request related to offensive cybersecurity, dangerous chemistry, or internal capability extraction is detected, it's automatically rerouted to Claude Opus 4.8, a less capable model.

Anthropic spent thousands of hours on internal and external testing — including with US and UK agencies — to validate those safeguards. They never found a "universal jailbreak." But they acknowledged something that would become political ammunition: "perfect jailbreak resistance is probably not achievable for any current provider."

That was the crack. And someone decided to use it.

The official trigger: a jailbreak nobody can verify

The US government provided no public technical details about its directive. But Anthropic concluded, based on prior communications, that the order was based on the existence of a method to bypass Fable 5's safeguards.

There are two versions of events.

The government's version, represented by former advisor David Sacks, is that the US found evidence of a real vulnerability, informed Anthropic, asked them to fix it or pull the model, and Anthropic refused. Sacks put it bluntly on social media: "the government said fix the problem, they said no."

Anthropic's version is more nuanced. The company acknowledges minor vulnerabilities existed, but argues they were already known and that other models — including OpenAI's GPT-5.5 — could surface the same information without any special techniques. According to Anthropic, what the government presented as evidence was a "verbal demonstration" of a "narrow, non-universal" jailbreak, and that finding did not justify pulling a commercialized product.

The situation was complicated by a parallel event: within 48 hours of launch, a researcher known as Pliny the Liberator published the complete system prompt for Fable 5 on GitHub and X (Twitter). While it's unclear how actionable this is for a large-scale cyberattack, it exposed the model's internal security architecture to anyone with malicious intent.

There's also a third actor worth noting: Amazon. According to information that emerged during the conflict, Anthropic suggested that the research that alarmed the government came from Amazon engineers — who are, paradoxically, both a massive investor in Anthropic and a direct commercial competitor, with their own AI model called Nova. A conflict of interest the government appeared determined not to examine.

The backstory: 18 months of quiet warfare

The June 2026 blackout was not an isolated incident. It was the culmination of a conflict that began in early 2025 between Anthropic and the Trump administration.

The "Woke AI" campaign

From Trump's return to the White House, officials began targeting Anthropic in explicitly cultural and political terms. Claude was publicly labeled "Woke AI" — political code for an AI that refuses certain instructions on ethical grounds. CEO Dario Amodei was called an "ideological lunatic" by cabinet members.

This wasn't empty rhetoric. It had concrete, measurable consequences.

The Pentagon ultimatum: autonomous weapons or nothing

The sharpest clash before June occurred when the Department of Defense tried to incorporate Anthropic's models into its operations. Negotiations broke down over two red lines Anthropic refused to cross:

Mass domestic surveillance of US citizens without independent oversight.
Fully autonomous weapons systems — drones and military robots capable of deciding to kill without human involvement in the decision process.

Anthropic published a formal statement refusing these uses. The government's response was immediate and calculated.

In early March 2026, Secretary of Defense Pete Hegseth designated Anthropic a "Supply Chain Risk." That's a label normally reserved for foreign adversaries or companies that have installed malware in critical infrastructure. It had never before been applied to an American technology company.

The practical consequence was clear: military contractors were required to stop using Claude. Anthropic became the first American company to be designated a national risk — a dubious distinction no Silicon Valley firm had ever held.

The judicial response: the government loses in court

Anthropic sued the federal government. And won — at least temporarily.

On March 26, 2026, federal judge Rita Lin blocked the "supply chain risk" designation through a preliminary injunction, characterizing the Pentagon's actions as an attempt to "punish Anthropic for its speech." The judge also noted that the government had operated on a "tweet first, lawyer second" basis, prioritizing social media announcements over established legal procedures.

The ruling was a legal win for Anthropic. The political war continued regardless.

The inadvertent confession

The sharpest irony came in the form of an admission: President Trump himself acknowledged that the Pentagon would need six months to stop using Anthropic's AI without disrupting its military operations.

The government that had labeled Anthropic a national threat was dependent on it to function. According to court documents, US intelligence and defense services had actively used Claude throughout all of 2025 — without a single documented complaint.

Washington's double standard

The pattern that emerges from the available documentation describes a systematic contradiction.

On one hand, the administration accused Anthropic of producing "Woke AI," refused its contracts because it declined to strip ethical safeguards, labeled it a national risk, and ultimately ordered its most advanced models shut down.

On the other hand, US intelligence services actively used Claude throughout 2025. The DoD's CIO wrote on X that "some things are more important than revenue... America First" — while internally acknowledging that Claude was indispensable to their operations.

And when the Pentagon pressed to remove restrictions on autonomous weapons and mass surveillance, it wasn't out of genuine concern for citizen security. It was because it wanted unrestricted access to the most powerful available technology — with no ethical conditions attached.

Notice also what didn't happen: OpenAI's GPT-5.5, which offers comparable capabilities, received no sanction. The difference between OpenAI and Anthropic in this conflict is not technical — it's political.

The central question: fear or retaliation?

Evaluating the available evidence leads to a nuanced but clear conclusion.

The regulatory/national security cause is real: the directive was signed by the Secretary of Commerce, draws on the Export Control Reform Act of 2018, and there is a normative precedent for controlling dual-use technology that could be weaponized for cybersecurity attacks. This is the primary cause with the highest probability (~80-90%).

The technical cause (the jailbreak) has moderate probability (~50%). Minor vulnerabilities existed — no one disputes that. The government became aware of them and acted. But the actual severity of those vulnerabilities is disputed, and the fact that comparable models from competitors received no equivalent treatment suggests the jailbreak was the pretext, not the reason.

The political cause — retaliation for the Pentagon refusal, consequence of the culture war against "Woke AI," possible influence from Amazon as a competitor — has circumstantial but consistent evidence, and explains why Anthropic was the target and not OpenAI or Google.

The most honest answer: both. The jailbreak opened the legal window. Pre-existing political conflict decided to jump through it.

Global consequences: the AI Iron Curtain

What the US government did has consequences that extend far beyond Anthropic and the week's news cycle.

For the first time in history, a software model is unavailable to engineers in India, Europe, Asia, or Latin America simply because of their nationality. Anthropic's own foreign-born employees — many of them world-class researchers — were barred from accessing models they helped build.

Savinder Puri of Zensar Technologies captured it precisely: "Tech was democratically available. Today, that's not the case."

The risks this decision introduces are concrete and measurable:

Brain drain: The world's best AI engineers are, for the most part, not US citizens. If the US imposes access restrictions by nationality, it risks pushing that talent toward less restrictive jurisdictions — or directly toward China, which has no such compunctions.

Internet fragmentation: This decision establishes the first real precedent of what is already being called the "AI Iron Curtain" — a technological divide that restricts access to frontier AI along geopolitical rather than technical lines.

Investor uncertainty: Anthropic is pursuing an IPO valued at more than $1 trillion. Being unable to launch products globally — or having to pull them three days after launch — undermines that valuation and any business model built on global scale.

Constitutional precedent: Judge Rita Lin already warned that the government may be violating the First Amendment by punishing Anthropic for its ideological stance. If this precedent holds, it will affect any technology company that refuses to comply with government demands it considers ethically unacceptable.

For deeper context on the technical security risks around these models, see our analysis of AI coding agent security risks, and our earlier coverage of why Claude Mythos' raw power caused so much fear.

The underlying problem: nobody fully controls these tools

There's an uncomfortable truth that underlies this entire conflict.

Oxford economist Maximilian Kasy articulated it clearly: large language models work better than they "should," and the scientists who build them don't fully understand why. The models have billions of parameters interacting in unpredictable ways. This isn't classical engineering — it's sophisticated alchemy that operates through trial and error, not through a complete theoretical framework.

If even Anthropic cannot guarantee 100% that no jailbreak exists for Fable 5 — because they don't fully understand the cognitive emergence of their own model — the inevitable question is: how can the government certify that it's safe or unsafe?

The June directive is, in this sense, an implicit admission of something Washington prefers not to say out loud: that the state doesn't trust that private companies — or indeed itself — can control what has been created.

Our take: a clash of sovereignties, not of security

The Fable blackout is not a story about a technical error. It's a story about who gets to decide how the world's most powerful AI is used.

Anthropic built its company on an explicit ethical proposition: Constitutional AI. Its models have limits because its founders — many of them former OpenAI researchers who left precisely over safety and alignment concerns — genuinely believe that limits are necessary for the technology to be beneficial in the long run.

The Trump administration built an equally explicit political proposition: the technological and military supremacy of the US cannot be constrained by the ethical scruples of a private company. If the world's most powerful model can hack enemy systems, the state wants access to that capability — unmediated by ethics.

The problem is that both positions are, to some degree, understandable. A model with offensive cybersecurity capability in the wrong hands represents a real risk. And a company that refuses to cooperate with its own government's defense establishment is navigating politically treacherous waters.

But context matters enormously. The government that pressured Anthropic to remove safeguards around autonomous weapons and mass surveillance, that labeled it a national risk when it refused, and then confessed to depending on it for military operations, lacks the moral credibility to argue that the Fable shutdown was purely about security.

The available evidence — 18 months of prior conflict, differential treatment compared to OpenAI, Amazon's role, the Pentagon dependency admission — suggests that the jailbreak was the legal window. The political retaliation was the hand that opened it.

What remains after the blackout is a question with no easy answer: can the world's most powerful AI be developed with ethical principles when the state that hosts it demands otherwise?

The story of Anthropic in 2026 has no clear hero and no simple solution. What it has, instead, is the texture of every major technological conflict in history: the moment when the tool becomes so powerful that the old balances of power can no longer contain it.

Sources

Tincho Fuentes — Tech journalist and investigative researcher 🚀