Anthropic unveiled two new powerful AI models built on its previously restricted Mythos architecture: Claude Fable 5, which is being made broadly available, and Claude Mythos 5, which remains limited to a small group of cybersecurity and infrastructure partners.Anthropic describes Fable 5 as the most capable model it has ever released to the public, outperforming previous Claude models across software engineering, scientific research, vision, and complex knowledge-work tasks. Anthropic says the model’s advantage grows as tasks become longer and more complicated, enabling users to assign larger projects to the system with less oversight and fewer detailed instructions.According to Dianne Penn, Anthropic’s head of product management, research, and labs, the goal was to make Mythos-level intelligence broadly available without exposing users to the risks that previously kept the technology restricted. “We wanted to be able to provide this level of intelligence for general users in a safe manner,” Penn told The Wall Street Journal.Safeguards may be broader than Anthropic suggestsWhen Anthropic released Mythos in April, it argued that the model’s capabilities in areas such as vulnerability discovery and offensive cybersecurity created risks that justified restricting access to around 50 recipients. Just a week ago, Anthropic announced it was expanding Mythos access to 150 organizations.Now Anthropic says it has developed safeguards robust enough to support a broader release. Those safeguards work by routing certain categories of requests — including cybersecurity, biology, chemistry, and model-distillation-related queries — to the less capable Claude Opus 4.8. Anthropic says these fallbacks occur in fewer than 5% of sessions, meaning most users will effectively interact with the full Mythos-class model during ordinary use.Early testing by security researchers suggests the cyber safeguards may be broader than Anthropic’s description implies. Rob T. Lee, chief AI officer and chief of research at SANS Institute, tells CSO that his routine cybersecurity tasks involving incident response, detection, and basic forensic workflows were automatically routed from Fable 5 to Opus 4.8 during his initial testing. If those observations hold up under broader testing, it could indicate that Anthropic’s classifiers are broadly identifying cybersecurity-related requests rather than attempting to distinguish between benign and malicious cyber activity.The company describes the safeguards as intentionally conservative. Users may occasionally encounter false positives in which benign requests are routed to Opus 4.8, but Anthropic says it chose to prioritize safety over convenience while it continues refining the system.A significant portion of Anthropic’s latest announcement is devoted to explaining why it believes the safeguards are necessary. The company argues that Mythos-class systems have crossed a threshold where they could provide meaningful assistance to malicious actors. Unlike earlier AI systems that primarily offered information, Anthropic says advanced models are increasingly capable of carrying out portions of complex workflows, including activities associated with offensive cybersecurity operations.To address those risks, Anthropic has developed a series of AI-powered classifiers designed to identify potentially dangerous requests. If the system detects a request involving offensive cyber operations, advanced biological research, chemistry-related risks, or attempts to extract the model’s capabilities for use in competing systems, the request is redirected to Opus 4.8. Anthropic says extensive internal and external testing failed to uncover broadly effective jailbreaks that would consistently bypass the safeguards.Anthropic touts gain in coding, analysis, and autonomous workThe Fable 5 announcement also focuses on software engineering, where Anthropic believes the model’s gains are particularly significant. During testing, Stripe, for example, reportedly used Fable 5 to complete a codebase-wide migration in a 50-million-line Ruby repository in a single day, a task the company estimated would have required more than two months of engineering effort if performed manually.Anthropic also says the model achieved state-of-the-art results on coding evaluations that measure not only whether software works but whether it meets the standards expected in production environments.The company further highlighted gains in financial analysis, document reasoning, chart interpretation, and vision tasks. Anthropic says Fable 5 can accurately extract information from complex scientific figures and perform sophisticated visual reasoning tasks, including reconstructing web application source code from screenshots.Expanded access for cyber defendersFor a select group of users, Anthropic is also introducing Claude Mythos 5. The model is identical to Fable 5 but with certain safeguards removed. Through Project Glasswing, cybersecurity organizations and critical infrastructure providers will gain access to a version of the system with cyber-related restrictions lifted — Anthropic plans to gradually expand access through a broader trusted-access program developed in consultation with the US government.The company says Mythos 5 possesses what it describes as the strongest cybersecurity capabilities of any model currently available. Anthropic has previously highlighted the ability of Mythos-class systems to discover software vulnerabilities, assist with exploit development, and perform complex, multi-stage cybersecurity tasks. Those capabilities are precisely what prompted the company to restrict access to earlier versions of the technology.The move reflects a broader trend across the AI industry as vendors seek ways to commercialize increasingly powerful systems without making their most dangerous capabilities widely available. AI developers have spent the past year wrestling with the question of how to deploy models whose capabilities may provide substantial benefits to defenders, researchers, and enterprises while also creating opportunities for misuse.AI doesn’t replace the basicsFor security leaders, the announcement raises important questions about how quickly organizations can adapt to increasingly capable AI systems. The challenge is no longer simply obtaining access to advanced models but integrating them into security operations in ways that produce measurable benefits.The question of how well the safeguards are calibrated matters beyond individual workflows — it goes to the heart of whether organizations can actually operationalize these models effectively. Anthony Grieco, Cisco’s senior vice president and chief security and trust officer, said organizations should focus not only on gaining access to increasingly powerful models but also on deploying them effectively while maintaining strong security fundamentals.“The pace of frontier AI development is changing the security landscape in real-time, and defenders cannot afford to wait for the dust to settle,” Grieco said in a statement sent to CSO. “Whether the model is Claude Mythos 5, Claude Fable 5, GPT-5.5-Cyber, or the next breakthrough, the challenge is no longer just access to advanced AI, but how organizations operationalize it with the right harness, infrastructure, and agentic logic to turn speed into clarity and action.”At the same time, Grieco cautioned against viewing AI as a substitute for foundational security practices.“AI will raise the ceiling for what defenders can do, but security resilience remains the foundation that determines whether those gains translate into real protection,” he said. Even as AI models accelerate software engineering, analysis and security operations, organizations still need to execute on fundamentals such as patching, multifactor authentication, network segmentation, and zero trust architectures.