Simon Carter
Security & Governance

Claude Mythos 5 launches in secret: same model as Fable 5, cybersecurity safeguards removed

Anthropic's restricted Claude Mythos 5 shares its architecture with Fable 5 but ships without cybersecurity guardrails, deployed via Project Glasswing with the US government.

security governance category

Most of the coverage around Anthropic’s June 9 launch has focused on Claude Fable 5, the first Mythos-class model made available to the general public. That story is worth telling. But running alongside it, with considerably less fanfare, is a separate and arguably more significant launch: Claude Mythos 5, a restricted deployment of the same underlying model with its cybersecurity safeguards deliberately removed.

Here is what that actually means, and why it matters.

Two names, one model

Fable 5 and Mythos 5 are not distinct architectures. They are the same model, built on the same foundation. The difference is what sits on top of it.

Fable 5 ships with three layers of safety classifiers active. One covers cybersecurity. A second covers biology and chemistry. A third targets what Anthropic calls distillation attempts, where users try to extract the model’s capabilities to train competing systems. Queries that trip any of those classifiers get handed off to Claude Opus 4.8 rather than answered by Fable 5. Anthropic says this fallback is triggered in fewer than 5% of sessions.

Mythos 5 has the cybersecurity layer removed. That is the only material difference, but it is a significant one. Anthropic claims it gives Mythos 5 the strongest cybersecurity capabilities of any model in the world.

Project Glasswing and the US government connection

Access to Mythos 5 runs through Project Glasswing, Anthropic’s restricted cybersecurity initiative. The programme currently includes around 50 vetted partners: Amazon Web Services, Apple, Google, Cisco, Microsoft, JPMorgan Chase, and a broader set of critical infrastructure providers and major software maintainers. Mythos 5 is a direct upgrade from Claude Mythos Preview, which launched through Glasswing in April 2026.

The collaboration with the US government shapes both who gets access and how the model is deployed. Anthropic is working with government partners to define the criteria for expanding Glasswing to additional cybersecurity organisations, though it has not published a timeline for that broader rollout.

Since April, Glasswing partners have used Mythos Preview to identify more than 10,000 high or critical severity vulnerability candidates across major software projects. Mythos 5 is intended to accelerate that work further, at a meaningfully lower cost: pricing has dropped from $25 per million input tokens and $125 per million output tokens for Mythos Preview, to $10 and $50 respectively.

Biology is next

Cybersecurity is not the only domain where Anthropic plans to operate a restricted access tier. A separate programme for biology and life sciences researchers is in development.

Under that scheme, selected researchers will get access to Fable 5 with its biology and chemistry safeguards removed, while the cybersecurity classifier stays active. Anthropic says Mythos 5 is its first model to consistently generate novel scientific hypotheses, with internal scientists preferring its molecular biology outputs over Opus-class models roughly 80% of the time. One hypothesis about an E. coli protein mechanism was subsequently corroborated by an independent lab. In a separate genomics project, Mythos 5 ran largely autonomous research for more than a week, assembling single-cell data from 138 animal species and training a custom machine learning model that outperformed a recently published Science paper at one-hundredth the size.

The biology programme does not yet have a public launch date.

The data retention change that enterprise customers need to read carefully

Alongside the model launches, Anthropic has made a policy change that will affect some enterprise customers more than the models themselves.

All traffic on Mythos-class models, including Fable 5 and Mythos 5, is now subject to mandatory 30-day retention. Anthropic will log and hold that data regardless of prior contractual arrangements, including zero-retention agreements that some enterprise customers had previously negotiated.

The stated rationale is safety monitoring: Anthropic wants to detect novel jailbreaks, multi-turn attack patterns, and classifier false positives. The company says the retained data will not be used for model training and will be deleted after 30 days in almost all cases. Human access to the data is logged.

That may be technically reassuring, but the practical implication is clear. If your organisation built on Claude under a zero-retention arrangement and has compliance requirements around data residency, legal hold, or sector-specific regulations, you need to review your position before continuing to use Mythos-class models. The prior agreement no longer applies to this tier.

What this means for you

If you work in cybersecurity and are not already a Glasswing partner, the direct path to Mythos 5 is closed for now. Anthropic is expanding the programme in consultation with the US government, but there is no open application process announced yet. The practical option is to build on Fable 5 via the Claude API, which offers substantial capability for the majority of security work, and watch for updates on expanded Glasswing access.

If you are an enterprise customer with a zero-retention contract, treat the 30-day retention policy as a live compliance question. Anthropic has been explicit that this overrides prior arrangements for Mythos-class traffic. If your legal or security team approved your Claude deployment under zero-retention terms, that approval may need to be revisited.

If you are a life sciences or biology researcher, Anthropic has signalled this category is a priority for the next phase of trusted access. The capabilities on offer, including autonomous multi-step research and novel hypothesis generation, are meaningfully different from what general-purpose models provide. It is worth registering interest with Anthropic directly, even before the formal programme opens.

If you are a general developer or enterprise user, Fable 5 is available now on the Claude API at claude-fable-5, and on AWS Bedrock, Google Cloud, and Microsoft Foundry. The fallback architecture means you will occasionally receive an Opus 4.8 response on sensitive queries, but Anthropic says that happens in under 5% of sessions and is largely invisible in practice.

The broader picture

This launch sits in an unusual context. Anthropic published a public warning days before the release stating that AI systems are advancing fast enough that recursive self-improvement, where a model autonomously improves itself without human direction, may be approaching. The company also called on major labs to coordinate on a shared development brake.

And then it released the most capable model it has ever made publicly available, with a stripped-down version running in a government-adjacent programme with cybersecurity restrictions removed.

That tension is not a contradiction so much as a statement of where Anthropic has landed on the risk calculus: the defensive value of putting powerful cybersecurity capability in the hands of defenders outweighs the risk of keeping it locked away, provided access is tightly controlled and traffic is monitored. Whether that logic holds up as the programme expands will be worth watching closely.