US Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals

A regulatory first: export-control authority, built for dual-use technologies, applied to a commercial frontier AI model on cybersecurity grounds.

WASHINGTON, D.C. — The US Commerce Department on Friday, June 13, 2026 ordered Anthropic to ban “foreign national” access to its newly released Claude Fable 5 and Mythos 5 models, invoking export-control authority on the grounds of national-security concern, per BleepingComputer, The Hacker News and CyberScoop. The order applied to both models specifically and, as reported, required Anthropic to restrict access for foreign nationals rather than naming the company as a whole.

The action matters well beyond the two models: it is the first time the US government has applied export controls to a commercial frontier AI model citing cybersecurity risk. By reaching for export-control authority — a framework historically associated with physical and dual-use technologies — and pointing it at a commercial large language model, the Commerce Department set a precedent that every frontier AI lab will now have to plan against, and that reframes the industry's understanding of the government's reach over frontier capability.

What the Commerce Department Ordered and on What Authority

Per the reporting, the Commerce Department directed Anthropic to suspend access to Fable 5 and Mythos 5 for any “foreign national,” citing export-control authority and a national-security concern. The order followed within days of Anthropic's release of Claude Fable 5 — positioned as a “Mythos-class” model with cyber safeguards, and a public dispute over a reported jailbreak of Fable 5. What is confirmed is the instrument (export controls) and the issuer (Commerce). What is not confirmed is the precise legal mechanism beneath it: the specific export-control regulation cited — whether a particular Export Administration Regulations provision, an Export Control Classification Number, or another designation — has not been publicly named, and it is unclear from the public record whether the order was a binding legal order or a request Anthropic chose to honor. The CyberSignal flags both as open questions rather than asserting either.

The "Foreign National" Framing

The government's chosen term — “foreign national” — is the operative and unusual feature of the order. Restricting a software service by the nationality of its users, rather than by geography or by a specific named entity, is characteristic of export-control logic, where the question is who may receive a controlled technology rather than simply where it is deployed. Applied to a cloud-delivered AI model accessible worldwide, that framing is difficult to implement cleanly, because a model offered broadly does not natively distinguish users by nationality at the point of access.

That implementation difficulty is central to what followed. A foreign-national restriction on a globally available model is not a simple toggle, and the gap between what the order required and what was technically practical shaped Anthropic's response — which it has described as compliance with the controls. The CyberSignal treats the order's reported scope (foreign-national restriction) as distinct from the company's chosen method of complying, and does not assert that the government required a worldwide shutdown.

A Regulatory First — Why This Matters Beyond Anthropic

The durable significance of the order is precedent. For the first time, the US government has applied export-control authority to a commercial frontier AI model on cybersecurity grounds. Every frontier lab — Anthropic's peers among them — now has to plan for the possibility that a post-launch security concern could trigger a government-ordered access restriction on an already-released model. That is a materially different constraint than the internal safety review and reputational exposure that previously governed release decisions, and it lands amid an active period of AI cyber policy that The CyberSignal has tracked, including the scaled-back AI executive order built around sharing AI-found vulnerabilities. The CyberSignal is careful, per the facts: this is an action targeted at two specific models, not a ban on Anthropic, and we take no position on whether the action was justified — the point is that the question of whether a model can ship to whom is no longer solely the lab's to answer.

Anthropic's Immediate Response

Anthropic framed its response as compliance with the new export controls. Rather than implement a foreign-national-only restriction, the company moved to disable both Fable 5 and Mythos 5 — a response The CyberSignal covers in detail in separate reporting on the worldwide shutdown. The company has disputed the reasoning behind the order while complying with it. This article focuses on the order and its authority; the scope and mechanics of Anthropic's shutdown, the role reportedly played by Amazon, and the researcher reaction are treated in that companion piece.

Open Questions

Several specifics about the order remain unresolved and should be confirmed against the Commerce Department's own statements: the exact export-control regulation invoked; whether the directive was a formal legal order or a request; whether other AI labs received similar requests (no reporting confirms this either way); the precise wording of the announcement; and whether the National Security Council or other agencies signed off on the action. The CyberSignal will update this coverage as the government and primary sources clarify the record.

Sources