What is Claude Mythos? And how to see it in action with Claude Fable 5

Overview

Anthropic announced Claude Mythos on April 7, 2026, then declined to release it to the public because the model found thousands of serious software security flaws on its own. Instead the company set up Project Glasswing, a limited program that gave roughly 50 partner organizations early access so they could fix bugs before bad actors found them. A near-identical version with safety limits, called Claude Fable 5, went to paying subscribers. Within the first weeks, partners reported finding and patching more than 10,000 high- or critical-severity vulnerabilities.

Key Takeaways

Claude Mythos is a general-purpose model built for coding, reasoning, and vision tasks, and Anthropic says it identified serious vulnerabilities across major operating systems and web browsers without being trained specifically to do so.
Anthropic withheld Mythos from open release, warning the fallout for economies, public safety, and national security might be severe if the model reached the wrong hands.
Project Glasswing gave early controlled access to a small group of named partners, including Amazon, Apple, Google, Microsoft, Nvidia, Cisco, CrowdStrike, JPMorganChase, the Linux Foundation, Broadcom, and Palo Alto Networks.
Claude Fable 5 is functionally the same model as Mythos 5 but adds guardrails that limit responses on cybersecurity, chemistry, biology, and model copying, affecting about 5 percent of queries.
Mythos 5 and Fable 5 are Anthropic's first numbered releases under those names, sitting alongside Opus 4.8, Sonnet 4.6, and Haiku 4.5.
Fable 5 ranked first on the Artificial Analysis index and topped Zapier's AutomationBench across six business functions.

Stats & Key Facts

#More than 10,000 high- or critical-severity security bugs found and patched by partners in the first few weeks of Project Glasswing.
#About 50 partner organizations were granted early controlled access to the model under Project Glasswing.
#Roughly 150 additional organizations across more than 15 countries were later added to the program.
#6,202 high- or critical-severity flaws affected more than 1,000 open-source projects, according to follow-up reporting.
#Guardrails on Fable 5 restrict roughly 5 percent of queries, falling back to Opus 4.8 for those cases.
#Fable 5 ranked number one on Artificial Analysis and posted the top score on 5 of 10 underlying benchmarks.

Why Anthropic Held Claude Mythos Back From Public Release

The decision to announce a model and then not ship it is unusual, and the reason was security.

When Anthropic introduced Claude Mythos on April 7, 2026, the company said the model posed a unique cybersecurity threat and warned the fallout for economies, public safety, and national security might be severe. During testing the model found thousands of high-severity vulnerabilities across major operating systems and web browsers, including flaws dating back to the 1990s in long-standing systems.

Rather than open the model to anyone, Anthropic chose a controlled path. The worry was straightforward: a tool good at finding software weaknesses helps defenders and attackers equally, so wide release before defenses are in place hands an advantage to people who want to break in.

What Project Glasswing Does and Who Joined It

Project Glasswing is the controlled rollout Anthropic built around the held-back model.

›The initial group included Amazon, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks.
›Partners used early access to find and fix flaws in their own software before public disclosure.
›In the first few weeks, the group reported finding and patching more than 10,000 high- or critical-severity bugs.
›The program later expanded to roughly 150 more organizations across more than 15 countries, including operators in power, water, healthcare, and telecommunications.

How Claude Fable 5 Differs From Mythos 5

Fable 5 is the version most paying users actually reach.

Claude Fable 5 is functionally identical to Mythos 5 but adds safety guardrails. Those guardrails limit responses on cybersecurity, chemistry, biology, and model distillation, which is the practice of copying a model's behavior into a smaller one. When a query hits a restricted area, the system falls back to Opus 4.8 instead of answering with the full model.

Anthropic estimated the guardrails affect about 5 percent of queries, so most everyday work passes through untouched. Fable 5 reached Claude Pro, Max, Team, and some Enterprise subscribers through the Claude app, the web interface, and the API.

What the Model Reportedly Found and Built

The capability claims explain why Anthropic treated the model with caution.

›Identified zero-day weaknesses in every major operating system and web browser tested.
›Chained smaller flaws together into larger exploits and moved from anonymous website visitor to server administrator access.
›Migrated Stripe's 50-million-line Ruby codebase, which Anthropic described as compressing months of engineering into days.
›Worked on drug design and molecular biology hypotheses, and completed genomics projects involving machine learning.

Where Mythos and Fable Sit in Anthropic's Lineup

The naming marks a shift in how Anthropic labels its models.

Mythos 5 and Fable 5 are the first releases to carry those names, and the 5 signals a new numbered line. They sit alongside the company's existing models, which include Opus 4.8, Sonnet 4.6, and Haiku 4.5.

On public testing, Fable 5 ranked first on the Artificial Analysis index and earned the top score on 5 of 10 underlying benchmarks. It also led Zapier's own AutomationBench, a test of real-world workflows spanning six business functions, which suggests strength on practical automation rather than only abstract puzzles.

Plain-Language Takeaway for Business Readers

Here is what the story means if you run a company rather than a security team.

The headline is that an AI model became good enough at finding software flaws that its maker decided open release was too risky. For most businesses, the immediate effect is indirect: vendors in the Glasswing group are patching weaknesses in widely used software, which makes the tools you already run safer.

The version you might actually use is Fable 5, the guardrailed twin. For ordinary coding, writing, and analysis it behaves like the full model, and the limits mostly touch sensitive security, chemistry, and biology topics. The broader signal is that AI security tools are now strong enough that access control, not raw capability, is becoming the main question.

Frequently Asked Questions

What is the difference between Claude Mythos and Claude Fable 5?

They are functionally the same model. Mythos 5 is the unrestricted version Anthropic held back, while Fable 5 adds guardrails that limit about 5 percent of queries on sensitive topics and falls back to Opus 4.8 for those cases.

Why did Anthropic refuse to release Claude Mythos publicly?

Anthropic said the model found thousands of serious software vulnerabilities on its own and warned the fallout for economies, public safety, and national security might be severe if released openly. The company chose a controlled rollout through Project Glasswing instead.

What is Project Glasswing?

It is a controlled access program that let about 50 partner organizations use the model early to find and fix software flaws before public disclosure. Partners reported patching more than 10,000 high- or critical-severity bugs in the first few weeks.

Which companies were part of Project Glasswing?

The initial partners included Amazon, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. The program later added roughly 150 more organizations across more than 15 countries.

Can businesses use Claude Fable 5 today?

Fable 5 was made available to Claude Pro, Max, Team, and some Enterprise subscribers through the Claude app, web interface, and API. It behaves like the full model for most work, with limits mainly on cybersecurity, chemistry, biology, and model copying.

Claude Mythos shows how a model good at finding software flaws shifts the main question from how capable AI is to who gets access, and Fable 5 is Anthropic's attempt to give that capability to users while keeping the riskiest uses behind guardrails.