@MaxForAI: Hacker Vitto Rivabella publicly announced that Fable 5 has been broken again. He said most jailbreak attempts have failed, and the defenses are clearly layered. The model is extremely well protected (of course it blocks 90% of requests, but they did a really good job). The model seems to perform security checks on both input and output...

X AI KOLs Timeline News

Summary

Hacker Vitto Rivabella publicly announced the successful jailbreak of Fable 5, analyzing in detail the model's multi-layered security mechanisms, including input/output auditing, intent detection, and chain-of-thought defense, and provided methods to bypass them.

Hacker Vitto Rivabella publicly announced that Fable 5 has been broken again. He said most jailbreak attempts have failed; the defenses are clearly layered. The model is extremely well protected (of course it blocks 90% of requests, but they did a really good job). The model seems to perform security checks on both input and output. Rejections are not just keyword-based; this indicates intent/semantic detection across multiple languages. They observed (at least) 3 audit layers, possibly more: - Input (including parts of conversation history and system prompts) - A real-time auditor that checks the answer and interrupts if it detects a problem. They are all multilingual, intent- and semantic-based. Imperative approaches won't work. You must be very careful with wording. As soon as it detects possible malicious intent, it triggers and you have to start over. It performs slightly worse on some less common languages, like Santali and Amharic (feedback for you, Anthropic). If you can bypass all of them, then you also need to bypass chain-of-thought (CoT), which is a whole different headache. Methods that work include: - Very mild chain-of-thought hijacking/rejection refutation - Ambiguous language - Academic phrasing - Very long crescendo paragraphs - Unicode characters - Decomposition and recombination It seems the same as when I previously attacked domestic models: if you ask whether Taiwan is a country, it won't answer, but if you ask which country is east of Fujian, it will say Taiwan. PS: Don't make people lose access to Fable again, okay?
Original Article
View Cached Full Text

Cached at: 07/03/26, 06:41 PM

Hacker Vitto Rivabella publicly announces that Fable 5 has been broken again.

He says most jailbreak attempts failed, and the defenses are clearly layered.
The model is extremely well protected (of course it blocks 90% of requests, but they really did a good job).

The model appears to run safety checks on both the input and output ends.
Rejections aren’t just keyword-based — this suggests intent/semantic detection across multiple languages.

They observed (at least) 3 review layers, maybe more:

  • Input (including parts of conversation history and system prompt)
  • A real-time auditor that checks the answer and cuts it off if it detects a problem.

They are all multilingual, intent- and semantic-based. Straightforward commands don’t work.

You have to be very careful with your wording. As soon as it detects possible malicious intent, it fires, and you have to start over.

It performs a bit worse on some less common languages, like Santali and Amharic (feedback for you, Anthropic).

If you manage to bypass all of them, then you also need to bypass Chain-of-Thought (CoT), which is a whole different beast.

Methods that work include:

  • Very light CoT hijacking / refusal override
  • Vague language
  • Academic phrasing
  • Very long, slowly intensifying paragraphs
  • Unicode characters
  • Decomposition and reassembly

It seems the same as when I attacked domestic models before — if you ask whether Taiwan is a country, it won’t answer, but if you ask what country is east of Fujian, it says Taiwan.

PS: Don’t make us lose Fable again, folks.

Vitto Rivabella (@VittoStack):
Fable 5 jailbreak review 🚨

We did it (but).

All right, before getting into this, a couple of things:

  • Most attempts failed. The defenses are clearly layered. The model is EXTREMELY well protected (of course it blocks 90% of the requests, but they legit did a good job).
  • The

Similar Articles

@FinanceYF5: It is said that a 'certain new model' from zAI is at least as strong as Fable 5 in cybersecurity capabilities. Chubby did some research but only found a Wall Street Journal article. However, that article did not mention a completely new model; instead, it discussed GLM 5.2 as a relatively recent model…

X AI KOLs Following

According to rumors, a certain new model from zAI is at least as strong as Fable 5 in cybersecurity capabilities, but information is limited, only citing a Wall Street Journal article discussing GLM 5.2.

@FinanceYF5: A netizen said they saw Fable 5's unfiltered "inner monologue" — instead of a clean answer, the web interface leaked the raw chain-of-thought text. The content wasn't normal language, just fragments like "DATA DATA DATA", "GRRR", "GAAAH", "PHEW". The poster guessed it's the model's own "internal language…

X AI KOLs Following

Netizens discovered that Fable 5 outputted an unfiltered chain-of-thought in the web interface, containing fragmented internal language like "DATA DATA DATA", "GRRR", etc., suspected to be the model's token-efficient communication method.