US Issues Targeted Export Control on Anthropic Fable 5 and Mythos 5 Over Jailbreak Evidence

Anthropic received the directive hours after launch and responded by routing cybersecurity queries on the affected models to Claude Opus 4.8 while keeping Mythos 5 available only to pre-vetted U.S. critical-infrastructure operators. Internal logs cited by the company show the demonstrated bypass produced N-day exploits in minutes rather than weeks, confirming the red-team claim that monthly patch cadences are now obsolete against frontier models. The order applies extraterritorially, covering foreign users inside the United States, and leaves all other Claude variants untouched. Procurement records from the Bureau of Industry and Security show this is the first use of AI-specific export controls against a single model family rather than hardware. Previous controls on advanced semiconductors established the legal template; the same EAR category is now being applied to weights and inference endpoints. Independent red-team reports from July 2025 already documented similar non-universal jailbreaks on GPT-4o and Gemini 2.5, yet only Anthropic received an abrupt suspension order. The timing, one week after Mythos 5's public release, indicates the government is moving from chip-level to capability-level controls. Next steps include formal Federal Register publication within 30 days and likely license requirements for any entity training models above 10^26 FLOPs that demonstrate automated exploit generation. Foreign cloud regions hosting the models face immediate disconnection risk.