News · 2026-06-22
The US government made a top AI model disappear three days after launch
On the ninth of June, Anthropic launched two of its most capable AI models yet, Fable 5 and Mythos 5. Three days later they were gone -- not because of a bug or a recall, but because the US government told the company to switch them off for everyone on Earth. According to Anthropic's own newsroom, a federal export-control directive forced the company to disable global access on the twelfth, including, by several accounts, access for its own staff who aren't US citizens. It is the first time a leading American lab has had its flagship models pulled from the market by government order within a single product cycle.
To understand how that's even possible, you have to back up about a week. At the start of June the White House issued an executive order on advanced AI that did something new: it asked the makers of the most powerful 'frontier' models to quietly brief the government roughly a month before releasing them, and it told national-security agencies to build a classified way of testing those models for dangerous abilities. Anthropic shipped Fable 5 about a week later without that advance briefing. The suspension followed almost immediately. A detailed third-party reconstruction of the timeline (ExplainX) reads the shutdown less as a pure safety stop and more as a show of force -- a way to make every other lab take the new pre-briefing process seriously.
The official reason given was a security flaw the government considered too dangerous and that Anthropic says it cannot simply patch. Here's the twist that makes this a genuinely hard problem rather than a simple bug-fix: the 'flaw' is reportedly tied to the model's skill at reading software and spotting the weak points in it. That's the same skill a security engineer uses to fix code -- and the same skill an attacker uses to break in. You can't remove the dangerous half without removing the useful half, because they're the same half. Anthropic's position is that the government hasn't shown a convincing way to actually weaponize it, and that this is a capability, not a defect.
Think of it like a master locksmith. The exact knowledge that lets someone repair any lock in your house is the knowledge that lets them open any lock in your house. You can't certify a locksmith who only knows how to fix locks but is constitutionally incapable of picking one -- the two abilities are one ability. Regulators looked at a model that good at the 'locks' of modern software and decided they wanted a look before it went out the door.
Why does this matter beyond one company's bad week? Because it quietly rewrites a risk that most businesses had filed under 'never going to happen.' Until now, the assumption behind building on a hosted AI model was that it would simply keep being there. The Fable suspension shows that a model you depend on can vanish on a government memo, with no warning and no clear timeline for return. That single fact is rippling through everything else in AI this week: it's why companies are suddenly serious about being able to swap one model for another, why 'open' models you can download and run yourself look less like a hobby and more like an insurance policy, and why a rival lab chose this exact moment to pitch itself as the safe, responsible option. For more on why downloadable models are the natural hedge here, see our primer on open-weight models, and the recent story on an open model challenging the giants.
The reception splits cleanly. Among people who build on open models, the move is read as proof that depending on any single provider is fragile, and as vindication of the push toward AI you control. Safety-minded analysts are more divided. The independent research group Epoch published a careful, skeptical look at whether these models' security abilities are as alarming as advertised (Are Mythos' cyber capabilities overhyped?), drawing a useful line between two different skills people keep blurring together: finding a weakness, and actually building a working attack from it. A model can be unsettlingly good at the first while still mediocre at the second. The industry podcast Latent Space devoted an episode to the new world of AI security with leading red-teamers, whose blunt framing was that securing AI is not just 'regular cybersecurity, now with AI in it' -- it's a different problem.
The honest center of the debate is this: the worry about the capability is reasonable, and the way the shutdown happened -- suspend first, globally, all at once, with no published test anyone can examine -- is what's actually contested. There's an open question of whether the models come back, and on what terms; a return appears plausible but unconfirmed, and the conditions (does Anthropic accept the pre-briefing process? does the government publish its benchmark?) matter far more than the date. The caveat worth holding onto: almost everything about the government's specific evidence is non-public, so the strongest claims on both sides rest on inference, not on a document anyone outside the room has read.