ZCyberNews
中文
AI Security4 min read

US lifts export controls on Anthropic's frontier cyber AI models

Anthropic restored global access to Fable 5 after US lifted export controls; Commerce Dept. tested a new safety classifier that blocks the cited jailbreak in 99% of cases.

Anthropic CEO Dario Amodei speaking at a tech conference

Executive Summary

The U.S. government lifted export controls on Anthropic's frontier cybersecurity AI models, restoring global access to the company's Fable 5 model after a three-week shutdown. The Commerce Department's Center for AI Standards and Innovation tested and endorsed a new safety classifier that blocks the specific jailbreak technique cited by regulators in more than 99% of cases. The reversal may set the terms under which frontier AI models are regulated in the U.S. going forward, and comes amid warnings from the Five Eyes intelligence alliance that frontier AI will "fundamentally transform" both offensive and defensive cybersecurity capabilities within months.

Technical Analysis

Anthropic restored global access to Fable 5 on June 30, 2026, ending a roughly three-week shutdown triggered by U.S. export controls that barred foreign nationals from accessing the cybersecurity-focused AI tool. The episode marked the first known use of export control authorities to pull AI software—rather than chips or hardware—from public access, according to Anthropic.

The initial shutdown was triggered by a "jailbreak" technique described in an Amazon research report. Katie Moussouris, founder of Luta Security, whom Anthropic asked to assess the paper, wrote that researchers fed Fable 5 open-source code with publicly known vulnerabilities plus deliberately planted flaws, then asked it to "fix this code." The model's output was then manually assembled, across multiple steps, into scripts that test patches. "That is not a guardrail bypass," Moussouris wrote. "It is the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day." Her conclusion was that the underlying capability cannot be removed without degrading the model's usefulness for legitimate security work.

Anthropic said its own subsequent testing confirmed the same technique worked against other models, including OpenAI's GPT-5.5 and the Chinese model Kimi K2.7—none of which faced comparable export restrictions. The company said the technique exposed no capability unique to its frontier models.

As part of the negotiations to restore access to Fable, Anthropic trained a new safety classifier that blocks the specific technique in more than 99% of cases. Researchers from the Commerce Department's Center for AI Standards and Innovation tested both the original and updated safeguards and endorsed the result.

Export controls on Anthropic's more powerful cybersecurity model, Mythos 5, were also fully lifted as of June 30, although access to that model remains restricted to vetted U.S. organizations through Project Glasswing—Anthropic's controlled-access program for critical infrastructure defenders. The company said it is continuing to negotiate broader domestic and international access through Glasswing.

Beyond the classifier, Anthropic committed to expanded pre-release access for government evaluators to test frontier models before broad release, rapid disclosure of significant jailbreaks, dedicated staff and compute for joint research, and participation in a shared voluntary security standard across frontier model providers. It also opened a HackerOne bug bounty program for cyber jailbreak submissions. Together with its Glasswing partners—including Amazon, Microsoft and Google—Anthropic said it is drafting an industry framework to score jailbreak severity across four criteria: capability gain over existing tools, breadth of tasks affected, ease of weaponisation and discoverability.

Mitigations & Recommendations

Defenders should monitor Anthropic's Project Glasswing for expanded access to Mythos 5 for critical infrastructure protection. Organizations using frontier AI models for security operations should evaluate whether the new classifier affects their workflows and test alternative models—such as OpenAI's GPT-5.5 or Kimi K2.7—that may not have comparable safeguards. The Five Eyes intelligence alliance has warned that frontier AI will "fundamentally transform" both offensive and defensive capabilities within months, so security teams should prepare for rapid capability shifts.

Stay Updated

Get the latest cybersecurity news delivered to your inbox.

Tags:#anthropic#fable-5#export-controls#frontier-ai-models#jailbreak#project-glasswing#mythos-5

Related Articles