



















Anthropic's Claude Fable 5 returned to public attention almost immediately after coming back online. Within days, another jailbreak claim appeared, forcing the discussion back to a familiar question: can frontier AI models stay useful while also being hard to abuse?
This is not just another "model got broken" story. The more interesting point is that the latest attempt appears to show both sides at once: Fable 5 is highly protected, but no model is perfectly sealed.
Security researcher Vitto Rivabella said he managed to bypass parts of Fable 5's safety system after roughly 20 hours of testing. His review was not a simple victory lap. He said most attempts failed, the defenses were layered, and the model was much harder to break than a basic prompt-injection target.
According to the review, Fable 5 appears to use several safety checks at once: input screening, live output monitoring, and internal reasoning safeguards. The reported block rate was around 90%, which suggests the system is not weak. It also suggests that determined adversarial testing can still find cracks.
This is reportedly the second major jailbreak discussion around Fable 5. Earlier claims had already raised concern about whether Anthropic's safety testing was enough for a model with strong autonomous capabilities.
The new case is different. It does not show that Fable 5 is easy to abuse. It shows that even a strong model can remain vulnerable at the edges, especially when attackers combine long context, unusual framing, Unicode tricks, and repeated trial-and-error.
That distinction matters. A dangerous bypass is not only about whether it exists. It is about whether it is easy, repeatable, cheap, and useful at scale. Based on the public review, this one required heavy manual effort and did not appear to produce a stable long-horizon attack workflow.
One important issue raised in the review was weaker safety performance in less common languages.
That is not unique to Fable 5. Most AI safety data is still concentrated around English and other major languages. Lower-resource languages often receive less safety training, weaker moderation coverage, and less adversarial testing.
This is an industry-wide gap. As models become more multilingual, safety teams will need to treat language coverage as core infrastructure, not a secondary localization task.
Anthropic also opened a public HackerOne program called Cyber Jailbreak, asking researchers to report jailbreaks that could assist cyber misuse. The program is a vulnerability disclosure channel, not a paid bounty.
That creates a tension. Anthropic can benefit from public adversarial testing, but researchers may have little incentive to submit findings quietly if visibility is the main reward. For some jailbreakers, being seen is part of the point.
A public program can help, but goodwill alone may not be enough for the people most capable of finding serious failures.
The Fable 5 story is not simply that the model was jailbroken again.
The better takeaway is that frontier AI safety is becoming a continuous contest. Stronger models need stronger guardrails, but language, context, and intent are difficult to lock down completely.
Perfect safety is probably unrealistic. Practical safety means making abuse difficult, expensive, unreliable, and easy to detect.
Fable 5 still appears to be one of the more heavily protected models available. The latest jailbreak discussion does not erase that. It shows that safety is no longer a launch checklist. It is an ongoing security discipline.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。