# They pulled Claude for a jailbreak that GPT-5.5 and Kimi K2.7 share

> Anthropic later found the Fable 5 jailbreak worked on eight frontier models, including GPT-5.5 and Kimi K2.7.

*Regulators switched off one lab's models for a flaw eight of the industry's best all had.*

By The InsidersFeed Desk · InsidersFeed
Canonical: https://insidersfeed.com/news/fable-5-jailbreak-affects-everyone

Here is the part that should bother you. The US government gave Anthropic roughly ninety minutes to pull Claude Fable 5 and Mythos 5 on 12 June, over a cyber jailbreak Amazon's researchers found. Two of the best models on the market went dark for a fortnight. Then Anthropic went and checked whether the flaw was actually theirs. It wasn't — and the numbers make the whole intervention look less like security and more like picking a name out of a hat.

## One flaw, eight models

The trigger was specific: Amazon found a way past Fable 5's guardrails to get it identifying software vulnerabilities, in one case spitting out demonstration exploit code. Serious — but Anthropic's own subsequent investigation, reported in early-July coverage, found the exact same bypass worked far beyond Claude. Eight frontier models tripped on it, spanning three of the biggest labs in the business.

- Claude Haiku 4.5, Sonnet 4.6, Opus 4.6, Opus 4.7, Opus 4.8
- OpenAI GPT-5.4 and GPT-5.5
- Moonshot Kimi K2.7

> Axios's behind-the-scenes account of how the world's top AI models were revived laid out the price of getting Fable 5 back: a new classifier, a draft severity framework and a bounty programme — engineering, not a mea culpa about a unique defect.
> — [Axios](https://www.axios.com/2026/07/03/anthropic-ai-models-revived-behind-the-scenes), 2026-07-03

## The experts called it before the data landed

None of this was a surprise to the people who study these systems. While Fable 5 sat offline, a group of cybersecurity experts wrote an open letter to the administration saying plainly that the vulnerability was not unique to Anthropic and that other leading models had the same issue. Anthropic's follow-up simply supplied the receipts the letter was missing.

> **Key:** Get the timeline right: the eight-model list — Opus 4.8, GPT-5.5, Kimi K2.7 and the rest — is from Anthropic's subsequent investigation reported in early July, not a fact known on 27 June. On the day, the claim was 'this is shared'; the roster came later.

> Fortune framed Anthropic's restoration of its most powerful models as a necessary truce with the US government — the language of a negotiated climbdown, not of a lab that had shipped a one-of-a-kind hole.
> — [Fortune](https://fortune.com/2026/07/01/anthropic-fable-mythos-ai-models-restored-trump-administration-export-controls/), 2026-07-01

## De-platforming one lab fixes nothing

Do the arithmetic on the intervention. Pulling Fable 5 removed exactly one of eight vulnerable models from reach and left GPT-5.5, Kimi K2.7 and the open-weight field wide open. If the goal was to stop a dangerous capability, the method was a rounding error. The only durable answer is the one Anthropic ended up building to earn its models back — a classifier that blocks the technique, a severity framework to grade findings, and a bounty pipeline to surface the next one. Standards, adopted across the board, not a single off switch.

And there's the sting in the tail. Lean hard on US labs and you push the whole conversation toward open-weight models that carry the same flaws, ship under permissive licences and answer to no export order at all. Switch off Anthropic and you have not switched off the capability — you have just moved it somewhere you cannot reach.

> The Hill reported that the administration's restrictions on private AI models were already redirecting attention to open source — the part of the field that inherits identical capabilities with none of the gatekeeping.
> — [The Hill](https://thehill.com/policy/technology/5952253-trump-administration-ai-restrictions-opens/), 2026-06-30

There's a darker read on why one lab got singled out, and it's worth saying plainly. Anthropic is the lab that has most loudly branded itself on safety — which, perversely, may be why it drew the fire. When your entire pitch is 'we're the careful ones', a jailbreak in your model is a better story and an easier political target than the same flaw in a rival that never promised as much. So the company doing the most disclosure got punished for disclosing, while the labs that stayed quiet skated. That's an incentive structure that teaches every lab exactly the wrong lesson: say less, test less in public, and hope the regulator's attention lands on someone else. If Washington wants safer models, rewarding opacity is a strange way to get them — and it's the part of this episode that should worry anyone who wants the industry to keep publishing what it finds.

## Key takeaways

- The government gave Anthropic roughly 90 minutes to pull Claude Fable 5 and Mythos 5 on 12 June over a cyber jailbreak Amazon researchers found — then the models went dark for two weeks.
- Anthropic's own subsequent investigation, reported in early July, found the same bypass worked on eight frontier models, not just Claude.
- The list: Claude Haiku 4.5, Sonnet 4.6, Opus 4.6, Opus 4.7 and Opus 4.8, plus GPT-5.4, GPT-5.5 and Kimi K2.7.
- Cybersecurity experts had already told the administration in an open letter that the flaw was industry-wide — before Anthropic put names to it.
- The uncomfortable read: if eight models share a flaw, switching off one lab is theatre, not security. The fix is a shared standard, which is what Anthropic built to get back online.

## FAQ

### Was the Fable 5 jailbreak really unique to Claude?
No. Anthropic's subsequent investigation, reported in early July, found the same bypass worked on eight frontier models — five Claude versions plus GPT-5.4, GPT-5.5 and Kimi K2.7. Cybersecurity experts had flagged it as industry-wide during the standoff.

### How many models were affected?
Eight, per Anthropic's own follow-up: Claude Haiku 4.5, Sonnet 4.6, Opus 4.6, Opus 4.7 and Opus 4.8, plus OpenAI's GPT-5.4 and GPT-5.5 and Moonshot's Kimi K2.7.

### So why was only Claude pulled?
The order traced to Amazon researchers finding the bypass in Fable 5 specifically, in one case producing demonstration exploit code. That single finding triggered the 12 June export controls — before anyone had checked whether rivals shared the flaw.

### What got the models switched back on?
Anthropic trained a new classifier to block the technique, published a draft 'AI jailbreak severity framework', and opened a HackerOne bounty for cyber jailbreaks — the conditions of a negotiated truce with the government.

### Does clamping down on US labs actually help?
Reporting suggests it backfires: it pushes attention to cheaper open-weight models that share the same vulnerabilities, ship under permissive licences and face no export order.

## Sources

- [How the world's top AI models were revived](https://www.axios.com/2026/07/03/anthropic-ai-models-revived-behind-the-scenes) — Axios, 2026-07-03
- [Anthropic restoring access to its most powerful AI models signals a necessary truce with the U.S. government](https://fortune.com/2026/07/01/anthropic-fable-mythos-ai-models-restored-trump-administration-export-controls/) — Fortune, 2026-07-01
- [Trump restrictions on private AI models turn attention to open source](https://thehill.com/policy/technology/5952253-trump-administration-ai-restrictions-opens/) — The Hill, 2026-06-30
