Start for Free Book a Demo Contact
Platform Login
Technology
Martin Bachmann July 1, 2026

Fable 5 is Back – and the World Has Changed Anyway

19 days blocked, then the reversal: What Anthropic has changed – and why China is already filling the gap.

Fable 5 is Back – and the World Has Changed Anyway

19 days. Then the US government rowed back. On June 30, 2026, the export controls for Anthropic's Fable 5 and Mythos 5 were lifted – as of today, July 1, Fable 5 is globally available again. Time for an update – and a balance sheet that doesn't turn out flattering.

For those who haven't read the original article yet: Here's the first post about the block.

What Happened – the Timeline

On June 12, 2026, just three days after the launch of Fable 5 and Mythos 5, the US Department of Commerce issued a directive: block access immediately, worldwide, for all non-US citizens. The justification: security concerns following a report by Amazon researchers who had discovered a method that could make Fable 5 identify software vulnerabilities and generate working exploits.

What was already remarkable at the time: Anthropic itself considered the measure disproportionate – and followed the directive anyway. A rare case of public dissent combined with simultaneous compliance.

The further milestones:

  • June 12, 2026: Block imposed by the US Department of Commerce, worldwide for non-US citizens
  • June 26, 2026: Mythos 5 re-released for a selection of US-based organizations
  • June 30, 2026: Export controls officially lifted
  • July 1, 2026: Fable 5 globally available again on the Claude platform

What Anthropic Wants to Do Differently Now

More interesting than the lifting itself is what Anthropic has set in motion in response. The core: an improved safety classifier that, according to Anthropic, blocks the problematic behavior in over 99 % of cases – a figure Anthropic has published itself. So you may read it with healthy skepticism. When a request is classified as potentially dangerous, it doesn't end up in a dead end but is silently routed to the older Opus 4.8 model. Clever – and hard to disprove.

Anthropic now explicitly distinguishes between three jailbreak categories: Minor Jailbreaks, Narrow Harmful Jailbreaks, and Universal Jailbreaks – depending on the reach and severity of the possible consequences. In addition, a bug bounty program on HackerOne was launched for security-relevant AI jailbreaks, and together with Amazon, Microsoft, and Google, a joint industry framework for evaluating jailbreaks is being developed.

"All of this could have been developed before a 19-day global block."

But sometimes it takes a crisis to institutionalize processes that were long overdue. Whether this is a first important step or merely good-sounding crisis management – the coming months will tell.

China Steps Into the Gap – and This Time with Evidence

In our first post we wrote that a US export ban mainly achieves one thing: it accelerates the adoption of Chinese alternatives. Three weeks later, that is no longer speculation but verifiable reality.

According to International Cyber Digest, two Chinese systems have moved to the forefront: GLM-5.2 from Zhipu AI and Tulongfeng from 360 Security Technology. The latter is explicitly positioned as equivalent to Anthropic's Mythos 5 in finding software vulnerabilities. In tests by the company Semgrep, GLM-5.2 even outperformed Claude Opus 4.8 in certain areas.

Zhou Hongyi, CEO of 360 Security and member of the Chinese People's Political Consultative Conference (CPPCC), put it succinctly at a conference:

"This kind of cyber warfare capability should not remain in American hands alone."

Zhou Hongyi, CEO 360 Security Technology

GLM-5.2 has meanwhile established itself among the top 10 most widely used AI models worldwide – not least because it is considerably cheaper than its US counterparts. Saif Khan of the Institute for Progress framed the dilemma pointedly: banning Fable 5 for foreign users while loopholes in the chip export regime remain open amounts to a "gift to China."

The paradox of export control has thus become measurable: the attempt to contain dangerous AI knowledge has mainly led users worldwide to switch to alternatives – to models that are significantly less regulated and less transparent.

Open Source / Open Weights: The Underestimated Way Out

Here's a thought that gets too little space in the debate: open-source and open-weights models elude export controls by definition. A model whose weights are publicly available cannot be blocked – not by a directive from the US Department of Commerce, not by changed terms of use, not by a change of ownership.

A Chinese open-weights model operated in Switzerland is more secure from a data protection perspective than Claude via the API or Microsoft Copilot – because the data never leaves the country. Whether backdoors could be hidden in the model weights themselves is a legitimate question – but a separate one, which we deliberately don't want to sweep under the rug, but which also doesn't serve to invalidate the argument. What matters is who operates the infrastructure, where it is located, and who has access to the data.

"Open" does not mean "uncontrolled." The Linux kernel is publicly visible, and yet banks and authorities worldwide run their critical infrastructure on it. Not despite – but because of that.

At Evoya, we therefore deliberately operate LLMs on Swiss infrastructure as a fixed part of our offering. Sovereignty begins with the operating location – not with the country of origin of the model.

What This Means for Me Personally – and Perhaps for You Too

I use GLM-5.2 daily. Not out of conviction toward Chinese technology companies – but because the model delivers excellent results for many of my tasks while being significantly cheaper than comparable US models. Depending on the task, the quality difference to Claude or GPT is barely noticeable.

Why rely on a single provider at all? One model for language tasks, another for code, one for cheap mass processing, one for data-sensitive content on Swiss infrastructure – that's not indecision, that's strategy.

That's why we built Evoya this way: as an open platform for whichever AI model fits best, whether in the US, in Europe, in Switzerland – or on-premise in your own basement.

Conclusion

Fable 5 is back. The real lesson of these three weeks is not that Anthropic has taken a first important step toward better safety standards. The lesson is that AI sovereignty is not a given – and that the question of who operates the models and where will, in the long run, be more important than which model currently tops the leaderboards.

"Which model is the best?" is the wrong question. The right one is: "Who has the freedom to choose the right one at any time – and the control over where it runs?"