One Letter From Washington Cut Off the World’s Most Powerful AI

10 Min Read
APK, CC BY-SA 4.0 , via Wikimedia Commons

On Friday evening, a letter signed by US Commerce Secretary Howard Lutnick arrived at Anthropic’s San Francisco headquarters. It cited national security. It offered no written explanation of the threat.

Within hours, the company had disabled its two most capable AI models — Fable 5 and Mythos 5 — for every user on the planet. No advance notice. No appeal process. No international body consulted.

The world’s most powerful publicly available AI had gone dark. The directive had arrived at 5:21 pm Eastern Time.

Three Days That Defined What Was at Stake

Fable 5 and Mythos 5 had been publicly available for exactly 72 hours when the shutdown order arrived. Anthropic launched both models on June 9 — describing them as the most capable AI systems it had ever released to the public.

Both descend from Claude Mythos Preview, deployed since April 2026 through Project Glasswing — a restricted program for vetted cybersecurity organizations, infrastructure operators, and defense contractors. What Mythos Preview demonstrated in that period was genuinely serious in scale.

In testing, the model identified zero-day vulnerabilities across every major operating system and every major web browser when directed to. Mozilla used it to discover 271 previously unknown security flaws in Firefox — more than ten times what an earlier Claude model found in the same browser. Cloudflare identified 2,000 vulnerabilities across its systems, 400 of them rated high- or critical-severity.

Across all 50 Project Glasswing partner organizations combined, the model helped locate over 10,000 high- or critical-severity weaknesses in systemically important software within a single month. The bottleneck was no longer finding vulnerabilities — it was patching them fast enough.

Fable 5 — the version released publicly on June 9 — carries that same core model, with safety classifiers that intercept queries touching cybersecurity exploitation, biology, and chemistry. Those classifiers triggered in fewer than 5% of user sessions. Both models were shut down before the weekend.

The Jailbreak Nobody Put in Writing

In its official statement, Anthropic disclosed what the government had actually communicated as its justification. The Commerce Department provided only verbal details — no written technical disclosure.

Its description of the jailbreak method: asking the model to read a specific codebase and fix any software flaws.

Anthropic reviewed what it believes is the underlying report that prompted the directive. Its finding was direct: the same capability is standard in other publicly deployed models, including OpenAI’s GPT-5.5, and is used every day by the defensive cybersecurity teams who rely on it to identify and patch vulnerabilities before attackers reach them.

The company noted it had documented no case in which any potential jailbreak led to a harmful real-world outcome. It also confirmed what is technically verifiable across the industry: no model provider today can offer perfect jailbreak resistance. Every AI safety system has some exploitable surface.

One detail carries particular weight. The US government has issued no comparable restriction on OpenAI’s GPT-5.5 — which Anthropic directly identified as carrying the identical capability cited in the directive.

Anthropic Refused. Then the Consequences Came.

This shutdown did not arrive without history. In February 2026, the Trump administration sought to require Anthropic to accept an “all lawful use” standard for military deployment of its models — language that would have extended to mass domestic surveillance and autonomous lethal weapons systems operating without direct human authorization.

Anthropic refused. CEO Dario Amodei stated publicly that the company could not accept an agreement that removed its two core conditions: no mass surveillance of US citizens, no fully autonomous weapons with no human in the targeting or firing chain.

Defense Secretary Pete Hegseth responded by invoking the federal supply-chain risk designation authority — a legal mechanism Congress designed to exclude foreign adversaries like Huawei from US defense systems — to label Anthropic, an American company, a national security risk. It was the first time in US history that authority had been used against a domestic company.

Anthropic filed a federal lawsuit against the administration in March 2026, arguing the designation was unlawful retaliation for constitutionally protected speech. In late March, a California federal judge granted Anthropic a sweeping preliminary injunction — finding the government’s actions likely constituted “classic illegal First Amendment retaliation.” That case remains active.

Axios reported that the administration also tried to pressure Anthropic to delay the June 9 launch of Fable 5 and Mythos 5. Anthropic declined that request as well. The export control directive followed three days after launch.

OpenAI Said Yes. OpenAI Faces No Restrictions.

The comparative record requires stating without softening. Shortly after the Pentagon blacklisted Anthropic in February, OpenAI signed a defense contract with the Department of Defense — accepting the “all lawful use” standard that Anthropic refused.

OpenAI’s GPT-5.5 carries the same vulnerability-identification capability that the US government cited as the basis for restricting Fable 5. As of June 13, 2026, GPT-5.5 remains fully available to users worldwide — including foreign nationals — under no export restriction.

The pattern this produces is not one of consistent national security risk assessment. The company that agreed to build capabilities for mass surveillance and autonomous weapons systems retains unrestricted global access to its models. The company that refused faces a Pentagon blacklist, active federal litigation, and now a complete global model shutdown — each action framed in national security language.

Anthropic made the asymmetry explicit in its public statement: if the jailbreak standard applied to Fable 5 were applied uniformly, it “would essentially halt all new model deployments for all frontier model providers.” That standard is not being applied uniformly. It is being applied to one company — the one that said no.

Restricting access based on which company agreed to arms contracts — not on verified harm — is not security policy. It is the use of security language to enforce political compliance.

One Government, No Explanation, No Appeal

The immediate cost of Friday’s directive was borne by people who had no part in any of these disputes. Developers in Southeast Asia, researchers in West Africa, journalists in the Middle East, students across South Asia — all lost access to tools they had integrated into critical workflows, with no notice, no stated timeline, and no transparent process by which the decision could be challenged.

No international body was consulted. No multilateral technical review took place. A single cabinet secretary, working with the Bureau of Industry and Security, achieved a de facto global shutdown through a letter that offered no written evidence of the threat it cited.

The populations with the least institutional recourse — those in the Global South, in Muslim-majority countries, in nations with no bilateral negotiating leverage over the United States — bear the consequences of decisions made in their complete absence. That is not incidental. It is structural.

Eleven days before the directive arrived, Anthropic had filed a confidential IPO prospectus with the US Securities and Exchange Commission, reporting an annualized revenue run rate of approximately $47 billion and a valuation of $965 billion. Its most capable models were shut down globally before its first day of public trading.

When the mechanism of export control is applied to AI infrastructure that hundreds of millions of people depend on, a domestic American dispute becomes something larger: a question of who holds the authority to revoke access to foundational technology for the entire planet, on what evidence, through what process, and with accountability to whom. As of June 13, 2026, the answer to each of those questions is the same: one government, without written explanation, and without appeal.

Share This Article
Tech Sentinel is the technology and defense analysis desk of Criterion Post. Focusing on the synthesis of military strategy and digital infrastructure, this desk decodes the future of global security, avoiding superficial narratives to reveal the structural realities of modern warfare and industrial development.
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *