The geopolitical nature of AI progress is now being laid out in the open in a big way.

Anthropic has confirmed that it received an export control directive from the US government on June 12, ordering the company to suspend all access to its Fable 5 and Mythos 5 models for foreign nationals, regardless of whether they’re located inside or outside the United States. That includes Anthropic’s own foreign national employees. The result is that both models are now disabled for every customer globally, since there’s no practical way to restrict access by nationality alone. Access to all other Anthropic models will not be affected.

According to Anthropic, the directive landed at 5:21pm ET with little warning and even less explanation. The company says the letter did not provide specific details of its national security concern, but Anthropic’s read on the situation is that the government has gotten word of a jailbreak technique for Fable 5. Anthropic says it has reviewed the demonstration and found it surfaces only a handful of previously known, minor vulnerabilities — the kind of thing other publicly available models can apparently turn up without any bypass required at all.

What makes this notable is how hard Anthropic is pushing back, even while complying. The company spent a good chunk of its statement reiterating the safeguards work it did before Fable 5 ever shipped — thousands of hours of red-teaming with the US government, the UK AISI, and outside researchers. Per Anthropic, no one in that process found a universal jailbreak, meaning a method that could broadly strip away the model’s protections across a wide range of cyber tasks. The company has long maintained that perfect jailbreak resistance isn’t achievable for any lab, and that the realistic goal is to make jailbreaks narrow or prohibitively expensive while catching misuse quickly — the “defense in depth” approach it talked about when Fable and Mythos launched.

As for what actually triggered the directive, Anthropic says the government only provided verbal evidence so far, describing a non-universal jailbreak that essentially involves pointing the model at a codebase and asking it to find and fix security flaws. Anthropic says it tracked down what it believes is the underlying report and concluded the capability shown is widely available elsewhere too, name-checking OpenAI’s GPT-5.5 specifically. The company frames this as something defenders already do routinely to secure their own systems, and promised more details within 24 hours.

Anthropic isn’t shy about saying it disagrees with the move, even as it complies. The statement argues that pulling a commercial model used by hundreds of millions of people over a narrow, non-universal jailbreak sets a precedent that could effectively freeze new model releases industrywide if every lab faced the same bar. The company has previously argued publicly that governments should have authority to block unsafe deployments, but only through a process that’s transparent and grounded in technical evidence — and it says this directive doesn’t meet that bar.

For now, Anthropic is calling this a misunderstanding it’s working to resolve, and says it’s apologizing for the disruption. Whether that resolution comes quickly or drags on, the episode is a reminder that frontier AI models are increasingly treated less like software products and more like dual-use technology subject to export controls — the kind of treatment historically reserved for things like encryption tools or advanced semiconductors. Given how aggressively Anthropic has been expanding into regulated sectors like finance and government work, a standoff with US regulators over its most advanced models is not exactly the headline the company wanted this week.