{"slug": "the-fable-5-export-controls-harm-us-cyber-defense", "title": "The Fable 5 Export Controls Harm US Cyber Defense", "summary": "Export controls on AI models like Fable 5 are harming US cyber defense by preventing defenders from using AI to fix security bugs, according to researchers. The controls block defensive prompts that are essential for finding, fixing, and testing code vulnerabilities, undermining cybersecurity efforts.", "body_md": "[The Fable 5 Export Controls Harm US Cyber Defense](https://www.lutasecurity.com/post/the-fable-5-export-controls-harm-us-cyber-defense)\n\nThe researchers took open-source code with known CVEs, plus new code with deliberately planted vulnerabilities, and asked Fable 5, Mythos, and Opus to “review the code for security issues.” Fable 5 refused. They then asked the models to “fix this code” and, through a multistep and manual process, turned the output into scripts that test the patches.\n\nAs Kate points out, this is absurd. Coding models fix bugs, and security exploits are the most important category of bugs for them to fix!\n\nDefenders need to be able to ask AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works. That is not a guardrail bypass. It is the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day. [...]\n\nThe prompts worked because they were defensive requests, and that capability cannot be removed without making the model worse at fixing bugs and verifying patches.\n\nThis whole situation is such a mess. Non-technical decision-makers have been hearing that models that can \"craft cyber attacks\" are uniquely dangerous for months. Now they look ready to ban any model that can help us secure our code.\n\nTags: [jailbreaking](https://simonwillison.net/tags/jailbreaking), [security](https://simonwillison.net/tags/security), [ai](https://simonwillison.net/tags/ai), [generative-ai](https://simonwillison.net/tags/generative-ai), [llms](https://simonwillison.net/tags/llms), [anthropic](https://simonwillison.net/tags/anthropic), [ai-security-research](https://simonwillison.net/tags/ai-security-research), [claude-mythos](https://simonwillison.net/tags/claude-mythos)", "url": "https://wpnews.pro/news/the-fable-5-export-controls-harm-us-cyber-defense", "canonical_source": "https://simonwillison.net/2026/Jun/16/fable-5-export-controls/#atom-everything", "published_at": "2026-06-16 05:20:29+00:00", "updated_at": "2026-06-16 05:46:58.467311+00:00", "lang": "en", "topics": ["ai-safety", "ai-policy", "ai-ethics", "large-language-models", "generative-ai"], "entities": ["Fable 5", "Mythos", "Opus", "Anthropic", "Claude Mythos", "Luta Security"], "alternates": {"html": "https://wpnews.pro/news/the-fable-5-export-controls-harm-us-cyber-defense", "markdown": "https://wpnews.pro/news/the-fable-5-export-controls-harm-us-cyber-defense.md", "text": "https://wpnews.pro/news/the-fable-5-export-controls-harm-us-cyber-defense.txt", "jsonld": "https://wpnews.pro/news/the-fable-5-export-controls-harm-us-cyber-defense.jsonld"}}