Summary of Major Developments
Anthropic launched Claude Fable 5 on June 9, 2026 — its first publicly available Mythos-class model — achieving state-of-the-art results on nearly all tested benchmarks. Safeguards route cybersecurity, biology, chemistry, and distillation queries to Claude Opus 4.8, triggering in fewer than 5% of sessions.
Claude Mythos 5 — the same underlying model as Fable 5 but with cybersecurity safeguards lifted — is released exclusively to Project Glasswing partners: AWS, Microsoft, Apple, Cisco, Google, CrowdStrike, JPMorganChase, NVIDIA, and Palo Alto Networks, now expanding to ~150 organizations across 15+ countries.
Anthropic is opening a Trusted Access Program for biology: select life science researchers gain access to Fable 5 with biology and chemistry safeguards removed — while cybersecurity safeguards stay in place. Both models price at $10 per million input tokens and $50 per million output tokens.
Background: From Mythos Preview to Today
The Fable 5 and Mythos 5 release is the culmination of a staged rollout that began in April 2026, when Anthropic launched Claude Mythos Preview exclusively through Project Glasswing. That first Glasswing cohort — a handful of cyberdefenders and critical infrastructure providers — used Mythos Preview to identify and patch vulnerabilities across systemically important software. Anthropic confirmed that initial group of approximately 50 partners found more than 10,000 high- or critical-severity vulnerabilities across the world’s most widely deployed software.
One publicly documented result: Mythos Preview constructed an exploit targeting certificate forgery, allowing an attacker to host a convincing fake website for a bank or email provider appearing fully legitimate to end users. That vulnerability was assigned CVE-2026-5194 and has since been patched. Anthropic committed to publishing the full technical analysis.
Technical Architecture: The Three-Layer Model Structure
Anthropic has introduced a deliberate three-layer control architecture: Fable 5 as the commercial product layer, Mythos 5 as the restricted capability layer, and Opus 4.8 as the safety routing layer. This structure separates raw capability from public availability in a way no prior Claude release has done.
→ Cyber/bio queries → Opus 4.8
→ Triggers in <5% of sessions
→ $10 / $50 per 1M tokens
→ Cyber safeguards lifted
→ 30-day mandatory retention
→ US government co-vetting
→ Conservative handling
→ Users notified on reroute
→ Standard Claude controls
Fable 5 and Mythos 5 share identical underlying weights — they are the same trained model, as confirmed in Anthropic’s official announcement. The distinction is purely the inference-layer safeguard system. The naming carries deliberate etymology: Fable derives from the Latin fabula (“that which is told”) — itself cognate with the Greek mythos. The safeguards are what distinguish them.
On ExploitBench — the benchmark measuring automated vulnerability exploitation — Mythos 5 scores 78%, up from 69% for Mythos Preview and 40% for Opus 4.8. The model executes full agentic hacking sequences: reconnaissance, lateral movement, exploit chaining, and defense evasion, without human direction at intermediate steps.
Beyond cybersecurity and biology, Fable 5 includes a third classifier: a distillation blocker. Anthropic has previously identified large-scale coordinated attempts to extract Claude’s capabilities by using the model to generate training data for competing models. Queries flagged as distillation attempts fall back to Opus 4.8.
Full Model Comparison Matrix
| Attribute | Claude Fable 5 | Claude Mythos 5 | Claude Opus 4.8 |
|---|---|---|---|
| Availability | Public | Glasswing only | Public |
| Underlying model | Mythos-class | Mythos-class (identical) | Opus-class |
| Cyber safeguards | Active → Opus 4.8 | Lifted for partners | Standard |
| Bio/chem safeguards | Active → Opus 4.8 | Lifted for bio TAP | Standard |
| ExploitBench score | Blocked by classifier | 78% | 40% |
| SWE-Bench Pro | 80.3% | Same model | 69.2% |
| FrontierCode rank | #1 frontier | Same model | Below Fable 5 |
| API price (in / out per 1M) | $10 / $50 | $10 / $50 | Custom enterprise |
| Data retention | Standard | 30-day mandatory | Standard |
Performance Benchmarks
(vs 58.6% GPT-5.5)
all frontier models
10pt jump over Opus 4.8
vs 40% Opus 4.8
SWE-Bench Pro — Coding Performance
ExploitBench — Cybersecurity (Mythos 5 only)
Software engineering: Stripe reported that in a 50-million-line Ruby codebase, Fable 5 completed a full codebase-wide migration in a single day — a task that would have taken an entire engineering team more than two months. Stripe’s direct summary: “Fable 5 compresses months of engineering into days.” Cursor noted the model “opened a class of long-horizon problems that were out of reach for earlier models.”
Knowledge work and finance: On Hebbia’s Finance Benchmark for senior-level analytical reasoning, Fable 5 achieved the highest score of any model tested, with double-digit gains in document-based reasoning and problem solving. Optiver noted Fable 5 was “remarkably consistent,” scoring identically across repeated runs. Hex reported Fable 5 was the first model to break 90% on its core analytics benchmark — a 10-point jump over Opus 4.8.
Vision: Fable 5 can rebuild a web application’s complete source code from screenshots alone. It completed Pokemon FireRed using only raw game screenshots with a minimal harness — no maps, no game-state data. Previous Claude models required complex scaffolding to approach the same task.
Drug design: Using Mythos 5 with protein design and bioinformatics tools, Anthropic’s internal team accelerated drug design by approximately 10x. Of 14 protein targets studied, nine yielded strong drug design candidates under active investigation. Target areas include immune checkpoints, neurodegeneration, and muscle disease.
Genomics: Mythos 5 conducted over a week of largely autonomous genomics research — assembling single-cell data across 138 animal species and training a custom model 100x smaller than a recently published Science journal model that still outperformed it. Anthropic intends to publish these results formally.
Novel hypothesis generation: In blinded comparisons against Opus-class models, Anthropic’s scientists preferred Mythos 5’s molecular biology hypotheses approximately 80% of the time. One hypothesis — a novel mechanism for an E. coli protein — was independently corroborated by a separate research group working on the same problem.
Commercial and Enterprise Market Impact
Claude Mythos shifts Anthropic from model vendor to controlled infrastructure gatekeeper. The company is selling more than inference — it is selling access control, safety routing, auditability, and domain-specific containment. That places Anthropic closer to the operating layer of enterprise security tooling, where buyers expect policy enforcement, compliance documentation, and account-level governance. For teams getting started, our guide on how to use Claude AI covers the practical access and workflow foundations.
The competitive pressure falls on OpenAI, Google DeepMind, xAI, Meta, and specialist security AI startups. If Anthropic’s approach holds, frontier AI competition will no longer be measured only by benchmark scores. Release policy becomes a feature. Enterprise buyers will compare containment design, fallback routing, incident reporting, regulatory alignment, and model access segmentation — not just raw performance.
For CISOs, Mythos turns model access into a privileged-security function. Organizations granted Glasswing access will need internal user tiering, sandboxed execution, logging, export controls, legal review, and disclosure workflows. The vulnerability disclosure workflow itself changes: if a model can produce thousands of candidate vulnerabilities, the bottleneck shifts from discovery to verification, prioritization, patch engineering, and release management.
For founders, Claude Mythos creates two opposing pressures simultaneously. Security startups can build services around AI-assisted vulnerability validation, exploit simulation, and patch prioritization. At the same time, the same capability lowers barriers for attackers. The winning vendors will be those that convert model output into verified, patchable, auditable remediation workflows — not those that simply generate more findings. See our deep dive on Claude AI for business efficiency for practical frameworks on integrating these capabilities responsibly.
The Fable 5 subscription rollout is staged by design. Through June 22, Fable 5 is included at no extra cost on Pro, Max, Team, and seat-based Enterprise plans. On June 23, it will be removed from those plans, requiring usage credits going forward. On the API and consumption-based Enterprise plans, Fable 5 is fully available from today.
“One notable part of Anthropic’s report was that Mythos Preview displayed heightened capabilities not only to identify multiple vulnerabilities, but also to more autonomously chain exploits together. This is significant beyond what prior models could do.”
“The main cybersecurity concern about models like Claude Mythos and future iterations is that it makes it much easier for non-state actors to take down critical infrastructure.”
Frequently Asked Questions
Claude Fable 5 is Anthropic’s first publicly available Mythos-class model, sharing identical underlying weights with Claude Mythos 5. The difference is the safeguard layer: Fable 5’s classifiers route cybersecurity, biology, chemistry, and distillation queries to Claude Opus 4.8. Mythos 5 has cybersecurity safeguards lifted and is restricted to vetted Glasswing partners. Both models cost $10 per million input tokens and $50 per million output tokens.
Project Glasswing is Anthropic’s structured access program for Mythos-class models in defensive cybersecurity contexts. It launched in April 2026 with approximately 50 founding partners — including AWS, Microsoft, Apple, Cisco, Google, CrowdStrike, JPMorganChase, NVIDIA, Broadcom, the Linux Foundation, and Palo Alto Networks — and is now expanding to approximately 150 organizations across more than 15 countries. Access requires vetting by Anthropic in coordination with the US government and acceptance of a 30-day data retention policy.
An external bug bounty running over 1,000 hours produced no universal jailbreaks. External red-teaming organizations also found no universal jailbreaks on long-form agentic tasks. On single-turn cybersecurity requests covering exploit planning, development, and defense evasion, Fable 5 complied with zero harmful requests regardless of whether known jailbreak techniques were applied.
Anthropic is opening a biology Trusted Access Program giving selected life science researchers access to Fable 5 with biology and chemistry safeguards removed — while keeping cybersecurity safeguards active. The program will initially enroll a small number of researchers across fundamental and translational research organizations. This is distinct from Project Glasswing, which focuses exclusively on cybersecurity.
Claude Mythos 5 scores 78% on ExploitBench, up from 69% for Claude Mythos Preview (released April 2026) and 40% for Claude Opus 4.8. Anthropic describes Mythos 5 as the strongest cybersecurity model currently available. The model performs full agentic hacking sequences including reconnaissance, exploit chaining, and defense evasion without human direction at intermediate steps.
