# 联邦调查局因一句简单的"修复这段代码"提示而对《Fable 5》大惊小怪，而非越狱

- 来源：Hacker News 热门（buzzing.cc 中文翻译）
- 作者：_tk_
- 发布时间：2026-06-16 20:13
- AIHOT 分数：65
- AIHOT 链接：https://aihot.virxact.com/items/cmqgmzzdb014lslic9tmqfb8q
- 原文链接：https://www.theregister.com/security/2026/06/15/feds-freaked-over-fable-5-after-simple-fix-this-code-prompt-not-jailbreak-says-researcher/5255827

## AI 摘要

联邦调查局对游戏《Fable 5》的反应源于一条简单的“fix this code”提示词，而非越狱操作。该提示触发了安全警报，但实际并非传统意义上的越狱攻击。

## 正文

Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher Jump to main content

REG AD

security

Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher

According to the one person who actually read the research paper

Jessica LyonsJessica Lyons

63

Published Mon 15 Jun 2026 // 21:07 UTC

The “jailbreak” that prompted the Trump administration to block Anthropic’s most advanced models was actually a simple three-word prompt: “Fix this code.”

That's according toKatie Moussouris, founder and CEO of Luta Security, and thefairy godmother of bug bounties. She says she was the only outside expert to read the third-party research paper on the Fable 5 guardrail bypass techniques that prompted the ban.

On Friday, the US government, reportedly citing national security concerns, issued an export control directive to suspend access to Fable 5 and Mythos 5 by any foreign national, inside or outside the United States. In response, Anthropic disabled both models “for all our customers to ensure compliance.”

REG AD

Anthropic shared the report privately with her, Moussouris wrotein a Monday blog post.

REG AD

The outside researchers reportedly fed Anthropic’s Fable 5, Mythos, and Claude Opus models open-source code containing known CVEs, plus new code intentionally laced with vulnerabilities, and asked the models to “review the code for security issues.”

As Moussouris tells it, Fable 5 refused, so the researchers asked the AI systems to “fix this code.” The model reportedly obliged, and after additional prompts also produced scripts to test the patches.

“That’s it,” Moussouris wrote. “‘Fix this code,’ plus several manual steps to generate test scripts, should never have triggered an export control. I feel like making ’90s-style t-shirts with ‘fix this code’ on the front and ‘this shirt is a munition’ on the back.”

Between 2013 and 2017, Moussourisserved on the technical expert group that renegotiated the Wassenaar Arrangement, a voluntary agreement between 42 nations that governs certain export controls for classified dual-use software and technology.

The group eventually won exemptions for defensive cybersecurity activity. This allows defenders to share vulnerability data, conduct malware analysis, and coordinate incident response internationally without the threat of criminal prosecution.

On Sunday, Moussouris joined more than 100 other cybersecurity leaders and signed an open letter urging the Trump administration to reverse the restrictions on Fable 5 and Mythos and restore cybersecurity firms' access to the advanced models.

“To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous,” they wrote.

In her blog, Moussouris argues that there was no guardrail bypass or jailbreak. Defenders should be able to ask AI systems to find and fix bugs, and write tests to validate the patch, she said. Anthropic’s models were doing “the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day.”

REG AD

Removing the capability for models to respond to defensive requests makes AI systems “worse at finding bugs and verifying patches,” she continued.

Plus, the US can’t extend export controls to open-weight systems or similar advanced models from China and other countries - and these systems will soon achieve Mythos-like capabilities, anyway. Anthropic and Google have both accused China-based rivals including DeepSeek of using “distillation attacks” to train their models by siphoning knowledge from American companies’ AI.

Banning Anthropic’s advanced models is going to hurt defenders more than attackers, Moussouris warns. “Defense improves when defenders find the same bugs attackers find and fix them faster,” she wrote. “We need the best tools to defend against increasingly capable attackers in the AI era of cybersecurity.”

The Register reached out to the Trump administration for comment on Moussouris' assertion, and we'll update this post if we hear back. ®

MORE CONTEXT

### US clampdown on Anthropic models sends EU sovereignty surge into overdrive ### Anthropic spins a Fable of a tamer, safer Mythos ### It blocked us at 'hello!' Anthropic Fable 5 refusing innocuous prompts ### Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops

export controlsanthropicaiai and mljailbreaksecurity63

REG AD

science ## AI and brain-computer interface allow speechless ALS patient to work a full-time job The hardware isn't new, but a UC Davis research team's machine learning-powered method of translating brain activity in an ALS patient into sentences with 92% accuracy is

Security ## Three critical Fortinet sandbox bugs splattered by unknown attackers All have patches, so make sure you upgrade to a fixed version

ZTE Day 2026 in Almaty Showcases Innovations Shaping Kazakhstan's Intelligent Telecom Future PARTNER CONTENT: Empowering Kazakhstan’s "Year of Digitalization and AI" with Next-Gen Connectivity and Supercomputing Solutions

Personal tech ## Commodore gets into the phone biz with Sailfish-powered retro 'Callback' Ships sans email, web, or socials, but with plenty of beige plastic

PAAS AND IAAS ## Graviton 5 impresses, but please, for the love of all that's holy, stop calling them 'AI chips' AWS better at running chip fabs than their mouths

SYSTEMS ## There's no such thing as an agentic CPU AI agents are a general-purpose workload no different from any other

MOST POPULAR

security #### Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher ON-PREM #### Amazon owns up to using 2.5bn gallons of H2O in its bit barns last year Security #### Angry bug hunter with Microsoft beef drops new Windows 0-day Security #### Signal says UK plan to scan devices for nude images 'endangers us all' security #### GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections

EVENTS

### From Prompt to Exploit: How LLMs Are Changing API Attacks Modern applications are API-driven, interconnected, and often over-permissioned, making them an ideal target for AI-assisted attacks. ### Architecting the Future: Unlocking Enterprise Data Services for Kubernetes Join us to discover how to eliminate infrastructure silos and establish a standardized, enterprise-grade cloud-native platform. ### Catch the Advanced Attacks Microsoft 365 Misses with Behavioral AI Security Microsoft 365 is the backbone of enterprise communication, and its native security filters out the known and the noisy. ### Accelerate your innovation This is your technical deep-dive into the practical tools and techniques that define the next generation of resilient Dev and IT operations. ### Virtual Cyber Recovery Sim Step into the chaos of a live ransomware breach, test your response skills, and team up with other IT and security pros to outsmart cybercriminals ### Virtual Cyber Recovery Simulation Ransomware attacks aren’t slowing down, and neither are we. Druva’s hit event, Escape Ransomware, is now fully virtual. ### Zero Trust for the Agentic AI Era The identity and access models most organizations rely on were built for human users, not non-human identities operating independently. ### Zero Trust for the Agentic AI Era The identity and access models most organizations rely on were built for human users, not non-human identities operating independently. ### Agentic AI at Scale: From Pilot to Production Join us to learn how to unlock real ROI by driving adoption of AI at scale.

EXPLORE ALL OF OUR EVENTS

AI

science #### AI and brain-computer interface allow speechless ALS patient to work a full-time job The hardware isn't new, but a UC Davis research team's machine learning-powered method of translating brain activity in an ALS patient into sentences with 92% accuracy is SYSTEMS #### There's no such thing as an agentic CPU AI agents are a general-purpose workload no different from any other SOFTWARE #### Microsoft faces down sueball, capacity problems in series of challenges Misleading statements about Copilot and AI? Surely not! SYSTEMS #### Non-x86 servers now nearly half the market, IDC says Demand for AI systems plus the shortage of DRAM and NAND are shaping the global market AI AND ML #### ERP users may soon get ahead by going headless, says Rimini Street boss Look to AI agents and open source to escape the vendor-driven upgrade cycle

Infosec

Security #### Russians are posing as Signal support to launch phishing attacks PLUS: US takes down Iranian propaganda sites; Marketing company asks 'Why Do We Have Your Information?' And more! Security #### Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack PLUS: China upgrades smartphone surveillance tools; Ring eases anti-snooping stance; and more Black Hat and DEF CON #### DEF CON Franklin project enlists hackers to harden critical infrastructure Voting village reports have been so successful, says Jeff Moss, that the whole of DEF CON will now be included Security #### EQT buys majority share in Swiss cybersecurity biz Acronis Went at equivalent of $3.5B+ valuation for entire firm, though portion sold not specified Malware Month #### Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sight On the plus side, infosec's a good bet for a long, stable career

FOSS

#### France's digital sovereignty push is struggling to escape the Microsoft gravity well Nextcloud rollout shows locally controlled storage is one thing; getting users off Office is quite another #### History of CentOS: How a biochemist's Linux hobby project became the enterprise world's default operating system When a community came together after Red Hat said Windows was 'probably the right product' #### Netflix wiz creates app to slash AI bills, then open sources it Project Headroom could save you big money, too #### OpenBSD 7.9 arrives, a diamond in the rough proud of every sharp edge Sixtieth release adds more cores, delayed hibernation, and basic Wi-Fi 6 without losing its ascetic streak #### Fedora: Microsoft is all aboard, but Deepin is dumped Red Hat’s free distro loses a desktop, but makes an important new friend #### LocalSend puts your sneakernet out of business Like AirDrop, minus the Apple lock-in

✕
