The Mythos 5 Model the U.S. Killed Two Weeks Ago Is Back — But Only for 100 Companies

A model the government switched off two weeks ago is back on — for exactly 100 companies

Here's the deal: Anthropic's Mythos 5 model, fully blocked by the U.S. government two weeks ago, came back on June 26-27 — but not for everyone. Access licenses went only to roughly 100 government-approved companies and federal agencies. The general public still can't use it. And Fable 5, the model whose flaw triggered the whole episode, remains locked.

Seen this picture before? You have. Just days earlier, OpenAI shipped GPT-5.6 Sol to only "20 government-vetted partners." One model gets switched off and then back on for 100 companies; the other launches restricted to 20 from day one. In the span of a single week, America's two most powerful AI models both ended up in the same state: partially open, with the government holding the access list. That's not a coincidence — it's a new rule settling in.

What makes Anthropic's spot even stranger: when the block hit on June 12, the company argued the discovered jailbreak "worked in only one narrow, specific instance." It complied with a worldwide shutdown anyway, and two weeks later the partial reopening came from the government's judgment, not the company's. Anthropic built the model — but Washington decides who gets it and who doesn't.

So here's what we'll unpack: what Mythos 5 and Fable 5 actually are, why both went dark on June 12, why only Mythos came back for 100 companies, and what it all means stacked next to the GPT-5.6 story. Three players: Anthropic, the U.S. Commerce Department (the government), and the two models — Mythos 5 and Fable 5.

The players — Anthropic, Commerce, and two models

First, Anthropic. The maker of Claude, widely seen as running one of the most capable models in cybersecurity. Its position is awkward. This is the company that built its whole brand on safety-first — and it had to switch off its own model worldwide precisely because a safety mechanism was bypassed. "The safety company got shut down over safety" stings. At the same time, it sells to government, defense, and finance, so it can't pick a fight with Washington either.

Next, the Commerce Department and the administration. The core view: powerful cybersecurity AI is a double-edged sword. A model like Mythos 5 that excels at finding and defending against vulnerabilities is a weapon in a defender's hands and a catastrophe in an attacker's. Once there were signs the Fable 5 safeguards could be bypassed, the government's first move was "switch it all off." Now it's reopening access in stages, only as far as it judges the risk to be contained.

Third, the two models — Mythos 5 and Fable 5. Piecing the coverage together: Fable 5 is the less powerful but compromised model, and Mythos 5 is the stronger cybersecurity model above it. On June 12, Commerce blocked both, reasoning that a technique bypassing Fable 5's safeguards could unlock Mythos 5's full power too. This partial relief covers Mythos 5 only. Notice they didn't reopen the weaker one first — they reopened within the range they judged controllable.

One sentence ties it together: the safety-first company (Anthropic) had its model switched off worldwide by the government (Commerce) over a bypassed safeguard, then saw it partially reopened two weeks later to exactly 100 government-approved organizations. That's the skeleton.

What got switched off, and what came back on

Talk scatters, so here are the confirmed facts in a table.

Item	Detail
Initial block	June 12, 2026 (Commerce Department)
Reason	Fable 5 safeguard bypass discovered → risk of exposing Mythos 5's power
Scope	Effectively everyone, U.S. persons and foreigners (global shutdown)
Anthropic's rebuttal	"The jailbreak worked in only one narrow, specific instance"
Partial relief	June 26-27, 2026
Now allowed	~100 government-approved companies & federal agencies (Mythos 5 only)
Still blocked	Fable 5 (the compromised model)
Public release	No date
Same-week event	OpenAI ships GPT-5.6 Sol to ~20 "trusted partners"

Line by line. First, the global shutdown is heavy. Export controls usually target adversary states or specific regions; this one blocked essentially everyone, U.S. users included. When the first response to a bypassed safeguard is "cut everyone off," it means AI models are now treated like controlled assets with a hard kill switch.

Second, the "100-company partial reopening" is the crux. It wasn't "we fixed it, so we're reopening." It was the government issuing licenses only to the organizations it judged safe enough. The new gate is fully visible: model access opens only after passing a government security judgment, not a company's commercial one.

Third, don't miss that Fable 5 stays locked. Intuitively you'd expect the weaker model to come back first. The opposite happened. Because the risk centered on Fable 5's bypassed safeguard, the stronger Mythos 5 was reopened within a controlled range while the source of the problem stayed shut. The ordering is set by "is the risk containable," not by "strong vs. weak."

Who gets what

Start with the government's win. First, proof of control: by running a full "switch off, then switch on only as far as safety is confirmed" cycle, it demonstrated it holds a de facto on/off switch for frontier models. Second, a hardened national-security narrative: pre-emptively cutting a powerful cyber model before misuse makes the regulation look justified. Third, a playbook: the very act of selecting 100 organizations to license becomes a reusable "managed-access" manual for future models.

Anthropic wins too, painfully. First, it locks in trusted customers: those 100 approvals likely include federal agencies and large enterprises — the most lucrative, most stable buyers. Second, a liability shield: if the model causes trouble again, "we only opened it within the government-approved scope" is a defense. Third, brand reinforcement: accepting a full shutdown without protest when a flaw appeared can come back as a reputation for keeping safety principles even at the cost of short-term revenue.

The unexpected winner is the 100 approved organizations. They get a top-tier cybersecurity model that had vanished from the market — ahead of rivals, and with a government stamp of trust attached. Everyone left off the list can't even see the tool, so the gap in cyber-defense capability widens through the government gate. Security breaks at the weakest link, though — whether concentrating the strongest tools in a few hands is a net gain for everyone's safety is an open question.

Precedents — what worked and what didn't

The closest precedent is this week's GPT-5.6 Sol case. At nearly the same moment, the same government, on the same logic, applied "the powerful model goes only to an approved few." Put the two side by side and it's clearly not one company's quirk but an industry-wide rule. Whether to call it a success depends on whether risk actually fell — and right now it looks more like a show of control than a measured outcome.

Then there's the history of encryption export controls. In the 1990s the U.S. classified strong crypto as munitions and blocked exports; the tech spread worldwide anyway, and the controls mostly hobbled American firms. AI models — especially weights — are even easier to copy and leak, so "switch it off" may not be the end. If open-weight rivals ship similar capability, the U.S. ends up the only one with its own model tied down.

On the success side, the analogy is dual-use biology. Not publishing dangerous pathogen details broadly, and sharing them only with vetted institutions, is clunky but has prevented disasters. For a double-edged tool like Mythos 5 — useful for both attack and defense — "only the vetted" can be reasonable. The catch is whether that vetting is transparent and fair. If the selection criteria are a black box, "safety" becomes a curtain for favoritism — a fairness problem as much as a security one.

How rivals counter

The most direct comparison is OpenAI and Google. OpenAI is already going through the same gate, so it can't dismiss this as "an Anthropic problem." With both in the same boat, the perception hardens that "the government gate is the industry norm." Their counter likely runs toward designing thicker safeguards to avoid a shutdown — and marketing that. "Our model doesn't get bypassed" becomes a new axis of competition.

China's labs (DeepSeek, Qwen, Moonshot, etc.) will go the other way. While U.S. models ride the block-and-partial-reopen rollercoaster, they can ship open weights to the world with steady availability and build a reliability narrative: "U.S. models can go dark anytime; ours never cut out." For enterprises, "suddenly can't use it" is the scariest risk — and that can push defections toward open models.

For open-source and on-prem camps, this is a powerful sales pitch: "a cloud API model can vanish overnight on one government call; an open-weight model you download and run on your own infrastructure can't." The longer a block drags on, the more companies that can't stomach uncontrollability look to self-hostable alternatives. The paradox: the tighter the control, the stronger the demand to escape it.

So what actually changes

If you're a regular user, you'll feel almost nothing. Mythos 5 and Fable 5 aren't consumer chatbots — they're specialized cybersecurity models — so your everyday Claude experience is unaffected. But it's the first time you've literally watched an AI tool stop on a single government decision. Worth remembering that there's a control switch behind the convenience.

If you run security or enterprise systems, this is a real operational risk. Wire a specific AI model deep into critical workflows and one day a government action cuts access — and the work stalls. The practical move is to put "AI supply risk" into your business-continuity plan, avoid single-model dependency, and pre-evaluate self-hostable alternatives. Being one of the 100 is an opportunity, but remember that status can change anytime.

If you care about policy and governance, this is the fork to read together with GPT-5.6. In one week, America's two most powerful AI models both landed in "partially open, government holds the list." Whether that's a one-off crisis response or the new standard for frontier launches gets decided in the next few months. Just note it's still informal request plus voluntary compliance, not codified law — fast, but opaque.

One step further — the weight of the government holding the switch

The real weight here isn't "they blocked it." It's "they switched it off, then chose who to switch it back on for." A one-time shutdown can be read as an emergency measure. But the moment the government picks who gets it reopened, model access becomes a valve the government opens and closes. Valves, once installed, turn more easily next time. The "block → selective reopen" cycle applied to Mythos 5 makes applying the same procedure to the next model feel natural. Exception becomes procedure; procedure becomes standard.

The other easy miss is the transparency vacuum. On what criteria were the 100 chosen? What safety verification did they pass? When is the public release? Almost none of it is disclosed. The more a control is justified by safety, the more that control itself needs to be transparent to earn trust. Opaque criteria let "safety" become wrapping paper for discretionary power — a fairness problem as much as a security one.

Finally, Anthropic's "safety-first" identity got stress-tested. The company that leaned hardest on safety accepted a full shutdown on mere signs of a bypass. Faithful to principle — but it also took on the burden that "lead with safety and you'll get controlled hardest too." In the end, the Mythos 5 fight converges on the same question as GPT-5.6: who holds the tap on the most powerful AI — the company, the government, or does the open ecosystem make the tap irrelevant?

🥄 Three Things You're Probably Wondering

— So what does this mean for me? Almost nothing directly. Mythos and Fable are specialized cybersecurity models, not consumer chatbots. But a precedent now exists where an AI you rely on can stop on a single government action — worth knowing if you build AI deep into your work.

— When does Fable 5 come back? Too early to say. As the model where the flaw was found, it's harder to reopen than Mythos 5. Reopening talks likely start only after the safeguard fix is confirmed, and no timeline is public. Assume it stays locked for a while.

— Is this the same as the OpenAI Sol situation? The shape is nearly identical — partial opening with the government holding the list. The starting points differ: Sol was restricted to 20 from launch; Mythos was fully blocked, then reopened to 100. Control by design vs. cleanup after an incident. The key is that both hit in the same week — read it as a trend, not two isolated events.

Sources

• Trump admin allows Anthropic to release Mythos AI model to some companies — CNBC
• US releases powerful Anthropic model Mythos to some US companies — Semafor
• Anthropic disables Fable and Mythos following U.S. export ban — Fortune
• OpenAI limits new AI models to 'trusted partners' at request of U.S. government — CNBC
• Trump administration asks OpenAI to limit release of GPT-5.6 — Axios

Numbers and criteria are as of announcement and may change.