| Claude Mythos | |
|---|---|
![]() | |
| Developer | Anthropic |
| Release | April 7, 2026 (2026-04-07) |
| Stable release | Claude Mythos 5 / June 9, 2026 (2026-06-09) |
| Type | |
| License | Proprietary |
Claude Mythos is a large language model developed by Anthropic. Anthropic has not officially released the model to the public, citing safety and misuse concerns over its ability to find software vulnerabilities.1 Reactions to Claude Mythos were immediate and mixed.2 A publicly-available version of the model, Claude Fable 5, was later released to the public.
History
Leak (March 26 – April 7)
The existence of a model named Claude Mythos had become publicly known on March 26, 2026 due to leaked blog post drafts.3 Anthropic later acknowledged the development of Mythos to Fortune, and said that the model presented significant risks to cybersecurity.4 According to Axios, Anthropic had issued a warning about Mythos's capabilities to government officials that month.5
Mythos Preview (April 7 – June 9)
Anthropic publicly disclosed Mythos on April 7.6 The company stated that it had no plan to release Mythos to the public.7 It instead launched Project Glasswing, with a consortium of companies using Mythos to find and fix software vulnerabilities. Over forty companies were granted access, including Microsoft, Apple, Google, Amazon Web Services, the Linux Foundation, Cisco, Nvidia, and Broadcom.8 That day, several unauthorized users gained access to Mythos, according to Bloomberg News.9
Reportedly, a few users in a private Discord channel gained access to Mythos the same day it was announced, using details from the recent Mercor data breach.9 The NSA has also used Mythos, despite the fact that the DoD, its parent organization, had blacklisted Anthropic after a dispute.10 In April 2026, the Chinese government requested access to Mythos, but was rebuffed.11
On June 2, Anthropic expanded access to its Claude Mythos cyber-security model, making it available to 150 organizations in more than 15 countries.12
In its May 28, 2026 announcement of Claude Opus 4.8, Anthropic stated it expected to make "Mythos-class" models available to all customers within weeks of the announcement, pending the development of additional cybersecurity safeguards.13
Mythos 5 and Fable 5 (June 9 – present)
On June 9, Anthropic released Claude Mythos 5 as a preview via Project Glasswing alongside a version of Mythos with extended safeguards titled Fable 5.14
On June 12, the U.S. government sent Anthropic a letter prohibiting access to both Mythos 5 and Fable 5 to any non-U.S. national whatsoever, regardless of their location, due to national security concerns.15 As a result, Anthropic revoked access to both models for all customers.15
On June 26, Anthropic started to restore access to Mythos to some U.S. organizations but does not include Fable in the list.1617
On June 30, Anthropic announced on X.com that the U.S. Department of Commerce had lifted restrictions on both Fable 5 and Mythos 5.1819 They also announced that they would be restoring access to both models starting the next day.1820 On July 1st, at approximately 12:30 pm Pacific Time, Anthropic announced that Fable model access had been restored.2122
Specifications and capabilities
Claude Mythos Preview is a large language model designed to fix vulnerabilities within software.232 The UK AI Security Institute tested Claude Mythos with a cyber range. Claude Mythos ranked highest, with Claude Opus 4.6 coming in second, followed by a tie between GPT-5.4 and GPT-5.3 Codex.24
Vulnerabilities found
Anthropic stated that Mythos had found vulnerabilities in "every major operating system and every major web browser" in its testing.25 Two weeks after the limited release, Mozilla announced that it had found and patched 271 security vulnerabilities in Firefox using Mythos Preview.2627 On May 14, 2026, employees at Calif.io announced they had used Mythos to create a memory corruption exploit affecting Apple M5 chips.28
Responses
Media response
Thomas Fraise, writing for The Conversation, argued that Mythos could ruin nuclear deterrence.29 Brett J. Goldstein, writing for The New York Times, argued that the model puts individuals and smaller teams at a "cybersecurity disadvantage".30
Some Chinese media outlets viewed Mythos positively, defending Anthropic's decisions.31
Industry response
Financial response
Hours after Anthropic publicly revealed Mythos, U.S. secretary of the treasury Scott Bessent and Federal Reserve chair Jerome Powell convened financial executives to issue a warning on Mythos's capabilities.32 Several banks began testing Mythos at their behest, including JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley.33 The Bank of Canada summoned major lenders to a similar meeting the following day.34 Mythos was scheduled to be discussed by the Bank of England's Cross Market Operational Resilience Group and CMORG AI Taskforce meetings.35
European Central Bank president Christine Lagarde praised Anthropic for limiting access to Mythos.36 In response to European banks that were not given access to Mythos, Mistral AI began developing its own model.37
Governmental responses
On April 14, 2026, Bloomberg reported that the United States Department of the Treasury was seeking access to Claude Mythos.38 On April 16, the White House and Anthropic held a meeting about Mythos.39 On May 13, a bipartisan group of 32 US Representatives wrote to the Office of the National Cyber Director (ONCD) on revisiting the U.S.'s federal cybersecurity policy.4041
On April 23, Nirmala Sitharaman, chair of India's Ministry of Finance held a meeting of banks and government officials to discuss potential new cybersecurity threats following the release of Mythos.42
At a joint public-private meeting hosted by Japan's Financial Services Agency on April 24, participants agreed to form a work-group to counter potential threats caused by Mythos.43
After an April meeting with officials from Anthropic, Evan Solomon, the Canadian minister of artificial intelligence and digital innovation, praised Anthropic for limiting access to Mythos.44
Several meetings with banks were held by the Australian Prudential Regulation Authority in response to Mythos.45
In April 2026, Anthropic declined to give access to Claude Mythos to the Chinese government after a request from a Chinese think tank.11
References
References
- "What is Claude Mythos and what risks does it pose?". BBC News. April 18, 2026. Archived from the original on June 3, 2026. Retrieved May 30, 2026.
- Metz, Cade; Conger, Kate Conger (May 12, 2026). "Is Anthropic's New A.I. Really That Scary? It Depends Whom You Ask". The New York Times. ISSN 0362-4331. Retrieved May 17, 2026.
- Nolan, Beatrice (March 26, 2026). "Exclusive: Anthropic left details of an unreleased model, an upcoming exclusive CEO event, in a public database". Fortune. Archived from the original on March 27, 2026. Retrieved April 7, 2026.
- Nolan, Beatrice (March 26, 2026). "Anthropic acknowledges testing new AI model representing 'step change' in capabilities, after accidental data leak reveals its existence". Fortune. Archived from the original on May 15, 2026. Retrieved May 18, 2026.
- VandeHei, Jim (March 29, 2026). "AI's looming cyber nightmare". Axios. Archived from the original on May 19, 2026. Retrieved May 18, 2026.
- Roose, Kevin (April 7, 2026). "Anthropic Claims Its New A.I. Model, Mythos, Is a Cybersecurity 'Reckoning'". The New York Times. Retrieved May 18, 2026.
- McMillan, Robert (April 7, 2026). "Anthropic Set to Preview Powerful 'Mythos' Model to Ward Off AI Cyberthreats". The Wall Street Journal. Archived from the original on May 22, 2026. Retrieved May 18, 2026.
- Newman, Lily (April 7, 2026). "Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything". Wired. Archived from the original on May 22, 2026. Retrieved May 18, 2026.
- Metz, Rachel (April 21, 2026). "Anthropic's Mythos Model Is Being Accessed by Unauthorized Users". Bloomberg News. Archived from the original on May 22, 2026. Retrieved May 18, 2026.
- "Scoop: NSA using Anthropic's Mythos despite Defense Department blacklist". Axios. April 19, 2026. Archived from the original on May 28, 2026. Retrieved April 22, 2026.
- Volz, Dustin; Barnes, Julian E.; Frenkel, Sheera; Mickle, Tripp (May 12, 2026). "China Sought Access to Anthropic's Newest A.I. The Answer Was No". The New York Times. ISSN 0362-4331. Retrieved May 12, 2026.
- Murgia, Madhumita (June 2, 2026). "Anthropic to expand Mythos access to more than 15 countries". The Financial Times.
- "Introducing Claude Opus 4.8". www.anthropic.com. Archived from the original on May 30, 2026. Retrieved June 6, 2026.
- Nickel, Dana; Miller, Maggie (June 9, 2026). "Anthropic releases a less-powerful version of its most advanced model". Politico. Retrieved June 10, 2026.
- Capoot, Ashley (June 13, 2026). "Anthropic disables access to Fable 5 and Mythos 5 to comply with government directive". CNBC. Archived from the original on June 29, 2026. Retrieved June 13, 2026.
- Albergotti, Reed; Smith, Ben (June 26, 2026). "Exclusive: US releases powerful Anthropic model Mythos to some US companies". Semafor (website). Retrieved June 27, 2026.
- Cai, Sophia; Haslett, Cheyenne (June 26, 2026). "Trump administration partially lifts Anthropic's AI export ban". POLITICO. Retrieved June 27, 2026.
- AnthropicAI [@AnthropicAI] (June 30, 2026). "We've received notice that the Department of Commerce has lifted export controls on Claude Fable 5 and Mythos 5" (Tweet). Retrieved July 1, 2026 – via X (formerly Twitter).
- Carter, Sandy. "Anthropic Wins As Commerce Lifts Fable 5 And Mythos 5 Export Controls". Forbes. Archived from the original on July 1, 2026. Retrieved July 1, 2026.
- Field, Hayden (July 1, 2026). "Anthropic's long-sidelined Fable 5 is greenlit to return". The Verge. Archived from the original on July 1, 2026. Retrieved July 1, 2026.
- "Claude (@claudeai) on X". X (formerly Twitter). Retrieved July 1, 2026.
- Tangalakis-Lippert, Katherine; Griffiths, Brent D. (July 1, 2026). "Anthropic restores access to Fable 5 after negotiations with White House". Business Insider. Archived from the original on July 1, 2026. Retrieved July 2, 2026.
- Criddle, Cristina (April 7, 2026). "Anthropic rolls out cyber AI model days after source code leak". Financial Times. Archived from the original on April 8, 2026. Retrieved May 18, 2026.
- "Our evaluation of Claude Mythos Preview's cyber capabilities | AISI Work". AI Security Institute. April 13, 2026. Archived from the original on April 13, 2026. Retrieved April 22, 2026.
- Murphy, Margi (April 7, 2026). "Anthropic Limits Mythos Model Release in Bid to Stave Off Hacks". Bloomberg News. Archived from the original on April 16, 2026. Retrieved May 18, 2026.
- Orland, Kyle (April 21, 2026). "Mozilla: Anthropic's Mythos found 271 security vulnerabilities in Firefox 150". Ars Technica. Archived from the original on May 28, 2026. Retrieved April 22, 2026.
- Newman, Lily Hay (April 21, 2026). "Mozilla Used Anthropic's Mythos to Find and Fix 271 Bugs in Firefox". WIRED. Retrieved April 22, 2026.
- Schroeder, Stan (May 15, 2026). "Anthropic's Mythos is already finding security flaws in Apple software". Mashable. Archived from the original on May 28, 2026. Retrieved May 17, 2026.
- Fraise, Thomas (May 12, 2026). "Hacking the bomb? What Claude Mythos AI reveals about the gamble of nuclear deterrence". The Conversation. Archived from the original on May 22, 2026. Retrieved May 17, 2026.
- Goldstein, Brett J. (April 28, 2026). "Opinion | Your Passwords Are Probably Screwed". The New York Times. ISSN 0362-4331. Retrieved May 17, 2026.
- Zhang, Irene. "Claude Mythos: China Reacts". www.chinatalk.media. Retrieved May 17, 2026.
- Gillespie, Todd; Johnson, Katanga; Levitt, Hannah; Natarajan, Sridhar (April 9, 2026). "Anthropic Model Scare Sparks Urgent Bessent, Powell Warning to Bank CEOs". Bloomberg News. Retrieved May 18, 2026.
- Robertson, Jordan; Gillespie, Todd; Natarajan, Sridhar (April 10, 2026). "Wall Street Banks Try Out Anthropic's Mythos as US Urges". Bloomberg News. Retrieved May 18, 2026.
- Hertzberg, Erik; Dobby, Christine (April 10, 2026). "Bank of Canada, Major Lenders Met on Anthropic AI Cyber Risk". Bloomberg News. Archived from the original on May 22, 2026. Retrieved May 18, 2026.
- Rees, Tom (April 11, 2026). "Bank of England Set to Discuss Anthropic's Mythos With Banks". Bloomberg News. Archived from the original on May 22, 2026. Retrieved May 18, 2026.
- Lacqua, Francine; Stirling, Craig (April 14, 2026). "Lagarde, Worried About AI, Lauds Anthropic's Approach on Mythos". Bloomberg News. Retrieved May 18, 2026.
- Cohen, Claudia; Berthelot, Benoit (May 13, 2026). "Mistral Developing New AI Model for Banks Lacking Mythos Access". Bloomberg News. Archived from the original on May 14, 2026. Retrieved May 18, 2026.
- Murphy, Margi; Metz, Rachel (April 14, 2026). "US Treasury Seeking Access to Anthropic's Mythos to Find Flaws". Bloomberg News. Retrieved May 18, 2026.
- "White House and Anthropic hold 'productive' meeting amid fears over Mythos model". BBC. April 18, 2026. Archived from the original on May 22, 2026. Retrieved May 17, 2026.
- Gold, Ashley (May 13, 2026). "Scoop: Lawmakers press White House to act on AI cyber threats". Axios. Archived from the original on May 22, 2026. Retrieved May 17, 2026.
- "AI-Discovered Vulnerability Coordination Letter" (PDF). house.gov. May 13, 2026. Archived (PDF) from the original on May 26, 2026. Retrieved May 30, 2026.
- "If AI Can Hack Faster Than Humans, What Happens Next?". Forbes India. April 24, 2026. Archived from the original on May 22, 2026. Retrieved May 17, 2026.
- "Japan rushing to counter threat of cyberattack from Mythos AI model". The Asahi Shimbun. April 27, 2026. Archived from the original on May 22, 2026. Retrieved May 17, 2026.
- Hertzberg, Erik (April 14, 2026). "Anthropic Wins Accolades From Canada's AI Minister Over Mythos Approach". Bloomberg News. Archived from the original on May 22, 2026. Retrieved May 18, 2026.
- Eyers, James (April 29, 2026). "APRA meets with banks, urges more vigilance against AI-powered hacks". Australian Financial Review. Archived from the original on May 22, 2026. Retrieved May 17, 2026.
