Index  ›  ai  ›  Gizmodo

The AI Cold War Just Got Chillier

Gizmodo Published Jul 1, 2026 Reviewed Jul 3, 2026 ✓ Reviewed by citations.press editors
Citation-ready fact
Anthropic launched an experiment in March involving spyware in Claude Code to prevent account abuse and protect against distillation, and it was fully rolled back in the Fable 5 redeployment on Tuesday.
Thariq Shihipar, member of Anthropic’s technical staff working on Claude Code
View source ↗
Citation-ready fact
U.S. Commerce Secretary Howard Lutnick ordered Anthropic to take Fable offline for all foreign persons early last month, citing national security risks with an eye toward China.
Howard Lutnick, U.S. Commerce Secretary
View source ↗
Citation-ready fact
Anthropic stated that several other models—including OpenAI’s GPT-5.5 and Moonshot’s Kimi-K2.7—could also produce code showing how to exploit a security flaw.
Anthropic
View source ↗
Citation-ready fact
Anthropic stated that several other models—including OpenAI’s GPT-5.5 and Moonshot’s Kimi-K2.7—could also produce code showing how a security flaw could be exploited.
Anthropic
View source ↗
Citation-ready fact
The White House has vowed to crack down on coordinated campaigns that systematically extract capabilities from American AI models.
The White House
View source ↗
Citation-ready fact
Anthropic’s framework will measure criteria including ease of weaponization, and the company has delegated an internal team to monitor jailbreaking developments 24/7.
Anthropic
View source ↗
Citation-ready fact
Amazon reported that Fable’s security guardrails could be jailbroken through creative prompting, with one instance showing how to exploit a security flaw.
Amazon
View source ↗
Citation-ready fact
Anthropic stated it is working toward a shared, voluntary security and evaluation standard for frontier model providers.
Anthropic
View source ↗
Citation-ready fact
Amazon reported that Fable’s security guardrails could be jailbroken, and in one instance, Fable produced code showing how a security flaw could be exploited.
Amazon
View source ↗
Citation-ready fact
Anthropic is teaming up with several leading tech companies and Project Glasswing partner organizations to draft a consensus framework for assessing AI jailbreak severity and developer responses.
Anthropic
View source ↗
Citation-ready fact
Anthropic is teaming up with several leading tech companies and Project Glasswing partner organizations to draft a consensus framework for assessing AI jailbreak severity and developer response.
Anthropic
View source ↗

As the newly crowned most valuable startup in the world and the maker of what are widely considered to be the most capable AI systems, Anthropic has a delicate line to tow as it comes of age under an administration known for picking fights both at home and abroad. If it wants to keep releasing industry-leading AI models, it’ll have to do so—at least for the time being—on the federal government’s own terms. That apparently includes keeping a wary eye out for Chinese abuses, even if that has to be implemented through inconspicuous spyware.

Earlier this week, complaints started surfacing on Reddit about a mechanism embedded within Claude Code, which appeared to covertly flag users based in China (or with ties to Chinese AI labs) by detecting telltale signs like timezone and the use of proxy URLs. One Redditor made the case that by surreptitiously keeping tabs on Chinese users, Anthropic could ultimately use its spyware towards more malicious ends. “Today it’s a timezone check,” the Redditor wrote. “Tomorrow, it could be system sabotage or data exfiltration.”

Anthropic’s response to this was basically: oopsie-daisy! In an X post on Tuesday night, Thariq Shihipar, a member of Anthropic’s technical staff working on Claude Code, said the spyware was “an experiment we launched in March that was meant to prevent account abuse from unauthorized resellers and protect against distillation,” that the company had “been meaning to take [the spyware] down for a while,” and that it “should be fully rolled back” in the redeployment of Fable 5, which arrived Tuesday. Anthropic didn’t immediately respond to a request to share more details around the timeline and purpose of the program.

China has long been a thorn in Anthropic’s side. The company has accused multiple leading Chinese AI labs, including DeepSeek, Moonshot, MiniMax, and, most recently, Alibaba, of illicitly using Claude to train new AI models, a process known in the industry as distillation. While distillation is a common and usually harmless practice that enables smaller companies to train new models using bigger counterparts like Claude and ChatGPT, it’s recently emerged as a tender spot in the AI arms race between the U.S. and China. The White House has vowed to crack down on what it’s described as “coordinated campaigns [that] systematically extract capabilities from American AI models, exploiting American expertise and innovation.”

Yesterday’s long-awaited rerelease of Fable 5 was both an end and a beginning. On the one hand, it seemed to conclude Anthropic’s latest fiasco with the Trump administration, which began early last month with an order from U.S. Commerce Secretary Howard Lutnick to take the model offline for all “foreign persons.” Citing national security risks—clearly with an eye towards China—Lutnick’s order was motivated in part by research from Amazon, which supposedly showed that Fable’s robust security guardrails could be jailbroken, i.e., bypassed through creative prompting. But the announcement also heralded what could be a new norm of collaboration between the federal government and the AI sector.

In its announcement, Anthropic confirmed that the alleged jailbreak reported by Amazon was, for the most part, no more than the identification of cybersecurity vulnerabilities that a litany of earlier, less powerful versions of Claude also could’ve detected. There was one instance cited in Amazon’s report in which Fable went so far as to produce code showing how a particular security flaw could be exploited, but according to Anthropic, several other models, including OpenAI’s GPT-5.5 and Moonshot’s Kimi-K2.7, were able to do the same thing.

In short, Anthropic said its being targeted by the federal government was completely groundless, at least as far as national security is concerned. Its inclusion of Kimi-K2.7 in its internal jailbreaking tests is significant, since it lends support to the claim made by many cybersecurity experts that the federal ban on Anthropic’s top models benefits no one as much as the Chinese AI industry, which for years has been making a big push into open source models. Even before the Fable/Mythos ban, those open source alternatives had big appeal among American developers and businesses who had become disenchanted with the climbing costs of homegrown AI tools like Claude Code and OpenAI’s Codex.

On the whole, however, Anthropic’s announcement was more conciliatory than defensive. The general tone was: We don’t believe we did anything to deserve this, but we still want to work with the federal government, and also with our competitors throughout the tech industry—looking at you, Amazon—to make sure this kind of debacle doesn’t needlessly happen either to us or anyone else again.

The company said it was teaming up with several leading tech companies and other Project Glasswing partner organizations “to draft a consensus framework for assessing the severity of AI jailbreaks and how AI developers should respond to them.” It provided some preliminary criteria that such a framework ought to measure—including “ease of weaponization”—and said it had delegated an internal team to monitor jailbreaking developments 24/7. The announcement also included some carefully-worded caveats about what Anthropic’s relationship with the federal government would look like moving forward, including working “toward a shared, voluntary security and evaluation standard for frontier model providers.”

As always, even though it was never explicitly mentioned, the spectre of China hovered over Anthropic’s announcement. 

The company has long painted itself as the conscience of the AI industry, a counterweight to the market forces that might otherwise compel Silicon Valley to turn a blind eye to the risks of the new technological revolution now underway. At the same time, it often echoes the party line of the Trump administration and its biggest competitor, OpenAI, by insisting that the U.S. has a moral obligation to be the global leader in AI development, because if we don’t step up, the argument goes, China will. That binary framing—either us or China—was very much at play behind the company’s recent call for an AI international committee to monitor, and if necessary, put the brakes on, frontier AI progress.

Anthropic CEO Dario Amodei has also often pontificated on the need for cooperation between the American and Chinese AI industries, possibly modeled after Cold War-era nuclear non-proliferation treaties. Such cooperation is no doubt possible, but it’s much less likely under the current administration. Launching covert spyware targeting users in China probably doesn’t help, either.

Stay cool and enjoy the long, sunny days ahead with these gadgets to upgrade your life this summer and beyond.

"This is the voice of American business that is being channeled through me," Alex Karp declared on national television.

For years, physicists were stuck in trying to explain an important mathematical problem in physics. The right approach ended up being too simple.

Of course, not every investor is a loser. It just depends what they're looking for in the art of the deal.

Norton just plugged its "Genie" scam detector directly into Claude and ChatGPT, giving both a layer of real threat intelligence they've never had on their own.

Anthropic announced Tuesday that the Trump Administration had lifted its controls on the cutting-edge AI model.

This article was originally published by Gizmodo ↗. citations.press indexes the source-backed facts above and links to the original. Something wrong? Corrections policy · Report an error