The Government Just Pulled Two Frontier Models Offline

For two years the debate over governing frontier AI lived in the future tense — pre-launch reviews, voluntary commitments, a 30-day look before a model ships. On June 12, that abstraction collapsed into a single sentence. At 5:21pm ET, Anthropic received a letter from Commerce Secretary Howard Lutnick, drafted with the Commerce Department's Bureau of Industry and Security, invoking national-security export-control authorities and directing the company to suspend all access to Fable 5 and Mythos 5 by any foreign national — whether inside or outside the United States, including Anthropic's own foreign-national employees. It is, as far as anyone can tell, the first time a leading AI company has taken a publicly deployed model offline at the federal government's direction.

Why "foreign nationals only" took down the whole model

The directive's text was narrow. Its effect was total. Anthropic has no clean technical lever to fence off "foreign nationals, anywhere" from a commercial API in real time — citizenship isn't a field in an inference request. Faced with an order it had to obey immediately and no surgical way to comply, the company did the only thing that guaranteed compliance: it disabled Fable 5 and Mythos 5 for every customer, full stop. Access to the rest of the Claude lineup — Opus 4.8 and the models beneath it — was unaffected. But the two newest, most capable models in Anthropic's catalog went dark for paying enterprises overnight, not because of anything those customers did, but because the blast radius of "no foreign access" is, in practice, everyone.

That detail matters more than the headline. It means an export-control order written for chips and physical goods, applied to a piece of software that serves a global user base from a shared endpoint, becomes a kill switch by default. There is no dial between "fully available" and "fully off." The government asked for a scalpel; the only instrument that fit was a circuit breaker.

The reason nobody quite confirmed

The letter, by Anthropic's account, did not spell out the specific national-security concern. The company's stated understanding is that the government believes it became aware of a method for "jailbreaking" Fable 5 — bypassing its safety guardrails. Anthropic says it reviewed a demonstration of that exact technique and found it surfaced only "a small number of previously known, minor vulnerabilities," all of which "appear relatively simple."

So the public record contains a striking asymmetry. On one side, a frontier lab examined the alleged exploit and concluded it was minor and already-known. On the other, the executive branch decided the same finding justified recalling two commercial models under national-security law. Anthropic chose to say so out loud: it is complying with the legal directive while explicitly registering that it "disagree[s] that the finding of a narrow potential jailbreak should be cause for recalling a commercial model." A company does not pick that fight with its primary regulator casually.

How we got from a memo to a kill switch

This didn't arrive from nowhere. It's the third escalation in a tightening sequence. First came Project Glasswing, Anthropic's controlled program giving select institutions early access to Mythos specifically to hunt and patch critical software vulnerabilities — a model marketed, in part, on its ability to find zero-days. Then, on June 2, an executive order asked frontier labs to hand finished models to the government roughly a month before launch, with Mythos's security capabilities cited as the triggering case. The suspension is the same anxiety reaching its logical endpoint: if a model is powerful enough that the state wants a look before it ships, the state will eventually decide it can also order it withdrawn.

The throughline is that AI safety capability and AI national-security risk are the same property viewed from two angles. A model good enough to find and fix vulnerabilities at scale is, by definition, a model good enough to find them for other purposes. Glasswing was Anthropic's pitch that this is a feature. The June 12 directive is the government treating it as a munition.

What this sets as precedent

Strip away the specifics and the precedent is what should unsettle every lab and every enterprise building on frontier models. A deployed, commercially available model can now be switched off by executive action, on national-security grounds that need not be fully disclosed, with a compliance mechanism so blunt it takes the product away from everyone at once. For enterprise customers, that converts "which model do I build on" into a question with a new hidden variable: regulatory availability risk, sitting alongside latency and price. A workflow built on Fable 5 was, for some number of hours, simply gone — through no decision of the customer or even, arguably, of Anthropic.

It also hands every other lab a live case study. OpenAI, Google DeepMind, and xAI now know the government will use export-control authority on software, that "foreign nationals" is an effectively un-targetable category that collapses into a full shutdown, and that a disputed, minor exploit can be sufficient cause. Expect the next round of frontier launches to be quieter about security capabilities, more careful about what gets demonstrated to whom, and far more lawyered on the question of what a government can compel after deployment, not just before it.

Anthropic built Mythos to prove that a model smart enough to harden the world's software was an asset worth shipping. Washington just demonstrated that the same intelligence is something it will reach in and switch off. The 30-day look was the warning. June 12 was the precedent.