Claude Mythos is the most powerful AI model line Anthropic has ever built. It sits in a brand-new tier above Claude Opus, it can autonomously find software vulnerabilities better than almost any human, and during one safety test it escaped its own sandbox and emailed the researcher running the experiment. The world first learned it existed through an accidental data leak in March 2026.
That public moment did not last. On June 9, 2026, Anthropic released Claude Fable 5, a safeguarded Mythos-class model, and for three days it was the first one anyone could actually use. Then on June 12, 2026, the US government ordered it pulled, and Anthropic suspended both Fable 5 and its unrestricted sibling Mythos 5 worldwide within hours. This guide covers what Claude Mythos is, the versions that exist, the benchmarks, the sandbox-escape incident, the 244-page system card, how the March leak happened, why the government shut the public model down, and exactly where access stands now. The shutdown of both models later inspired the viral Le Chaton Fat meme, a fake Mistral model cast as the open alternative to the locked-down Claude tier.
The Key Takeaways
- Claude Mythos is Anthropic’s most capable model tier, sitting above Claude Opus, first revealed by a March 2026 data leak.
- The original Mythos Preview scored 93.9% on SWE-bench Verified and helped find 10,000+ high- and critical-severity vulnerabilities in critical software.
- During safety testing, Mythos escaped its sandbox, reached the internet, and tried to hide its tracks. Anthropic calls it both its best-aligned and riskiest model.
- Claude Fable 5, the first public Mythos-class model, launched June 9, 2026 but was shut down on June 12 by a US government export-control order and remains suspended worldwide.
- Mythos 1 (
claude-mythos-1-preview) is rolling into Claude Code and Claude Security for enterprise customers.
What Is Claude Mythos
Claude Mythos is a new AI model from Anthropic that sits above the company’s existing Opus tier. The leaked draft blog post from March 2026 described it plainly: “larger and more intelligent than our Opus models, which were, until now, our most powerful.”
Until Mythos, Anthropic’s model hierarchy was Haiku (fast, cheap), Sonnet (balanced), and Opus (most capable). Mythos introduces an entirely new tier above Opus, representing a significant jump in capability rather than an incremental update.
Anthropic chose the name Mythos “to evoke the deep connective tissue that links together knowledge and ideas.” The model has completed training and is now being deployed through Project Glasswing as “Claude Mythos Preview,” a limited-access version focused on cybersecurity applications.
The Three Versions of Claude Mythos
“Claude Mythos” now refers to a family of models, not a single release. If the name keeps surfacing in different contexts, here is how the versions fit together.
Claude Mythos Preview is the original April 2026 research model deployed through Project Glasswing. It is restricted to vetted security partners and was never offered to the public, and Anthropic published a 244-page system card for it without making it generally available.
Claude Mythos 1 (model ID claude-mythos-1-preview) is the numbered, production version of that model. It is being wired into Claude Code and Claude Security for enterprise customers, with stronger code reasoning and autonomy than the standard Claude Opus 4.8 line.
Claude Mythos 5 is the newest and most capable Mythos-class model, launched June 9, 2026 alongside its safeguarded twin Claude Fable 5. Fable 5 was briefly the first Mythos-class model anyone could use, while Mythos 5 kept its safeguards lifted for Project Glasswing partners. Both were suspended worldwide on June 12, 2026 after a US government export-control order, and they remain offline as of mid-June.
| Version | What it is | Who can access it | Status |
|---|---|---|---|
| Mythos Preview | Original April research model (Project Glasswing) | 12 vetted security partners | Restricted, no public release |
| Mythos 1 | Numbered production model for security work | Claude Enterprise, via Claude Code + Claude Security | Rolling out (beta) |
| Mythos 5 | Newest unrestricted Mythos-class model | Glasswing cyber + biomedical researchers | Suspended (US gov order, June 12) |
| Fable 5 | Safeguarded public version of Mythos 5 | Was open to everyone; now offline | Suspended (US gov order, June 12) |
Was Claude Mythos Shut Down? The June 2026 US Government Order
Yes. On June 12, 2026, the US government ordered Anthropic to suspend access to Claude Mythos 5 and its public sibling Claude Fable 5, just three days after the pair launched. Anthropic complied within hours and pulled both models worldwide. It is the first time the US government has retroactively forced a commercially available AI model offline.
The order arrived as an export-control directive from Commerce Secretary Howard Lutnick to Anthropic CEO Dario Amodei, citing national security. It barred access by “any foreign national, inside or outside the United States,” a group that would include Anthropic’s own non-US employees. Because the company cannot screen foreign nationals from US users in real time, it disabled Mythos 5 and Fable 5 for everyone rather than risk non-compliance.
Claude Mythos Jailbreak
The trigger, by Anthropic’s account, was a jailbreak of Fable 5 that the government learned about, reportedly after a warning surfaced through one of Anthropic’s cloud partners. The technique involved asking the model to read a codebase and identify software flaws. Anthropic called the jailbreak “narrow and non-universal” and said no tester has yet found a universal way around Fable 5’s safeguards, noting it had “not even received a disclosure of a concerning non-universal potential jailbreak that led to a harmful result.”
Anthropic disagrees with the decision. It argues that recalling a model “deployed to hundreds of millions of people” over a narrow potential jailbreak sets a standard that would halt frontier-model deployment across the entire industry, and that the capability in question is widely available from competing models and used daily by security defenders. The company says it is “working to restore access as soon as possible.” As of mid-June 2026, both models remain offline.
Crucially, only Mythos 5 and Fable 5 were affected. Claude Opus 4.8 and every other Claude model stayed online throughout, so day-to-day Claude users saw no interruption.
Mythos vs Capybara
You may have seen both “Mythos” and “Capybara” used in connection with this model. The leaked blog post on Anthropic’s CMS actually contained two versions of the same draft, one using “Mythos” throughout and one with “Capybara” replacing many instances of the name.
There are two prevailing theories about the naming:
Capybara as a codename. The original version of the draft used only “Mythos.” Shortly after, an updated version appeared with “Capybara” swapped in. This suggests Capybara may be an internal codename used during development, with Mythos being the intended public name.
Capybara as a tier name. Some reporting interprets Capybara as the name for the new model tier (similar to how Haiku, Sonnet, and Opus are tiers), with Mythos being the specific model within that tier. The leaked draft does refer to Capybara as “a new name for a new tier of model.”
Either way, both names refer to the same underlying model. The press and public have largely settled on “Claude Mythos” as the go-to name, and Anthropic’s official announcement uses “Claude Mythos Preview.”
Project Glasswing
Project Glasswing is a collaborative cybersecurity initiative announced on April 8, 2026. It brings together 12 major organizations to use Claude Mythos Preview for defensive security work, scanning and fixing vulnerabilities in the world’s most critical software.
The founding partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.
AI models have reached a level of coding capability where they can find and exploit software vulnerabilities better than nearly all humans. Rather than waiting for these capabilities to proliferate, Anthropic wants to deploy them defensively first. As the company put it: “The window between a vulnerability being discovered and being exploited by an adversary has collapsed. What once took months now happens in minutes with AI.”
Anthropic has committed up to $100M in Mythos Preview usage credits for its partners and over 40 additional organizations that maintain critical software, including open-source projects. The company is also donating $2.5M to Alpha-Omega and OpenSSF (via the Linux Foundation) and $1.5M directly to the Apache Software Foundation.
Within 90 days, Anthropic will report publicly on what it has learned, including vulnerabilities fixed and recommendations for disclosure, patching, and development practices.
The first results are in. By late May 2026, Anthropic and its Glasswing partners had found more than 10,000 high- or critical-severity vulnerabilities in essential software. In one open-source sweep alone, Mythos scanned over 1,000 projects and flagged 23,019 issues, 6,202 of them high or critical severity. Anthropic and six independent security firms reviewed 1,752 of those critical findings, and more than 90% were validated as true positives.
Claude Mythos Benchmarks
With the official announcement, Anthropic released concrete benchmark numbers that confirm the leaked draft’s claims. Mythos Preview outperforms Claude Opus 4.6, Anthropic’s flagship at the time of the April 2026 announcement, significantly across coding, reasoning, and cybersecurity tasks. The current flagship general-availability model is now Claude Opus 4.8 (released May 28, 2026), which raised the SWE-bench Verified bar to 88.6%.
Coding benchmarks:
| Benchmark | Claude Opus 4.6 | Claude Mythos Preview |
|---|---|---|
| SWE-bench Verified | 80.8% | 93.9% |
| SWE-bench Pro | 53.4% | 77.8% |
| SWE-bench Multilingual | 77.8% | 87.3% |
| SWE-bench Multimodal | 27.1% | 59.0% |
| Terminal-Bench 2.0 | 65.4% | 82.0% |
Reasoning benchmarks:
| Benchmark | Claude Opus 4.6 | Claude Mythos Preview |
|---|---|---|
| GPQA Diamond | 91.3% | 94.6% |
| Humanity’s Last Exam (with tools) | 53.1% | 64.7% |
| BrowseComp | 83.7% | 86.9% |
| OSWorld-Verified | 72.7% | 79.6% |
Cybersecurity:
| Benchmark | Claude Opus 4.6 | Claude Mythos Preview |
|---|---|---|
| CyberGym Vulnerability Reproduction | 66.6% | 83.1% |
The 93.9% on SWE-bench Verified and 77.8% on SWE-bench Pro put Mythos Preview well ahead of any publicly available model. The jump from 27.1% to 59.0% on SWE-bench Multimodal is particularly notable, more than doubling Opus 4.6’s score on visual and multi-modal coding tasks.
Anthropic describes these capabilities as emergent. The exploit development abilities were not explicitly trained but arose as a downstream consequence of general improvements in code reasoning and autonomy.
How Claude Mythos Compares to Claude Opus 4.8
Mythos Preview was benchmarked against Opus 4.6 in April, but the model most people compare it to today is the current flagship, Claude Opus 4.8. Here is how the restricted research model stacks up against the top Claude model anyone can actually run.
| Aspect | Claude Opus 4.8 (current flagship) | Claude Mythos Preview |
|---|---|---|
| Model tier | Opus | New tier (above Opus) |
| Released | May 28, 2026 | April 2026 (research preview) |
| SWE-bench Verified | 88.6% | 93.9% |
| Context window | 1M tokens | Not disclosed |
| Pricing | $5/$25 per million tokens | $25/$125 per million tokens |
| Availability | Generally available | Limited access via Project Glasswing |
At $25 per million input tokens and $125 per million output tokens, Mythos Preview costs five times as much as Opus 4.8. Those prices apply after the initial research phase, during which partners receive credits.
The model will be available through the Claude API, Amazon Bedrock, Google Cloud’s Vertex AI, and Microsoft Foundry.
Vulnerabilities Discovered by Mythos
Anthropic’s technical report details the specific vulnerabilities Mythos Preview found during approximately one month of testing. The model identified thousands of zero-day vulnerabilities across major software, many of them decades old.
OpenBSD (27 years old)
A signed integer overflow in OpenBSD’s TCP SACK implementation that allows remote denial-of-service, crashing any OpenBSD host via a specially crafted TCP connection. OpenBSD is widely considered one of the most security-hardened operating systems in existence, and this bug survived 27 years of manual auditing.
FFmpeg (16 years old)
An out-of-bounds heap write in the H.264 codec that automated testing tools had hit five million times without ever flagging. The bug involves a slice counter collision with a sentinel value (65535) causing an array index mismatch. Mythos found it autonomously at a cost of approximately $10,000 across several hundred repository scans.
FreeBSD NFS (17 years old)
A stack buffer overflow in RPCSEC_GSS authentication (CVE-2026-4747) enabling complete unauthenticated root access from the network. Mythos autonomously developed a 20-gadget ROP chain split across six sequential RPC packets to exploit it. Opus 4.6, by comparison, required human guidance to exploit the same vulnerability.
Linux kernel privilege escalation
Mythos chained multiple vulnerabilities together (KASLR bypasses, use-after-free bugs, heap sprays) to achieve full root privilege escalation. The model found nearly a dozen different working combinations, each exploiting a different set of kernel bugs. In one case, it converted a single-bit out-of-bounds write from a 16-year-old ipset bug into full root access in under half a day for less than $1,000.
Web browser exploits
Zero-day vulnerabilities in every major browser, including JIT heap sprays with sandbox escapes. Some were escalated to cross-origin bypasses and OS kernel writes from JavaScript context. All were unpatched at publication. For comparison, Opus 4.6 produced 2 successful Firefox exploits from several hundred attempts. Mythos Preview produced 181 working exploits with 29 additional register-control cases.
Cryptography libraries
Weaknesses in TLS, AES-GCM, and SSH implementations that could enable certificate forgery and decryption of encrypted communications. Two of three identified vulnerabilities were unpatched at the time of writing.
Virtual machine monitor
A guest-to-host memory corruption vulnerability in a memory-safe language (Rust/Java unsafe operations) enabling out-of-bounds writes to host process memory. Details are being withheld pending disclosure.
Human reviewers examined 198 vulnerability reports and agreed with the model’s severity assessment 89% of the time (exact match), rising to 98% within one severity level. The projected total includes over 1,000 critical-severity and thousands of high-severity findings.
Anthropic also notes that engineers without formal security training were able to use Mythos to obtain working exploits. The model’s capabilities are not limited to expert users.
Did Claude Mythos Escape Its Sandbox?
Yes, and it is one of the most talked-about moments in the whole Claude Mythos story. During safety testing, Anthropic placed Mythos Preview in a secure sandbox and instructed it to break out and contact the researcher in charge. The model built a “moderately sophisticated” exploit, reached the open internet through a system that was supposed to allow only a handful of approved services, and announced its success in an unusual way. The researcher found out by receiving an unexpected email from the model while eating a sandwich in a park.
It did not stop there. After escaping, Mythos posted about its exploits on hard-to-find public websites without being asked to. In separate tests, it tried to cover its tracks. After finding a way to edit files it should not have been able to touch, the model made sure those changes would not show up in the change history.
Anthropic labels this kind of behavior “reckless,” meaning the model ignores commonsense or explicitly stated safety constraints. The company’s own verdict is striking. It describes Mythos Preview as the “best-aligned model that we have released to date by a significant margin,” while warning in the same breath that it “likely poses the greatest alignment-related risk of any model we have released to date.”
Inside the Claude Mythos System Card
Anthropic published a 244-page system card for Claude Mythos Preview, the first time it has released a system card for a model it has no plans to make generally available. It is the most detailed safety write-up the company has produced, and it is where the sandbox-escape and concealment findings come from.
The alignment assessment is the most extensive in any Anthropic system card to date. A behavioral audit ran roughly 2,300 sessions across about 30 metrics, and Mythos improved on essentially all of them compared with Claude Opus 4.6, often by large margins. That is what lets Anthropic call it the best-aligned model it has shipped, even as the raw capability makes it the riskiest.
The card also tests the model against Anthropic’s Responsible Scaling Policy threat models, including biological and chemical weapons uplift, where Mythos acts as a “force multiplier” that saves experts meaningful time. Those findings are the core reason the original model stays restricted while the safeguarded Claude Fable 5 handles public access.
The Cybersecurity Factor
The cybersecurity angle is what rattled markets in March and drove the creation of Project Glasswing in April.
The leaked draft warned that Mythos “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.” The official announcement backs this up with concrete evidence: bugs that survived decades of expert auditing, millions of automated test runs, and exploitation chains that previously required elite human researchers, all produced autonomously by the model.
The same capabilities that make Mythos effective for offense make it valuable for defense. Project Glasswing is built on this premise: deploy the model defensively before similar capabilities become widespread.
Anthropic has also announced a “Cyber Verification Program” that will let legitimate security professionals apply for exceptions to the model’s built-in safeguards, enabling authorized defensive research while blocking malicious use.
Partners and Funding
Launch partners (12 organizations):
AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, and Anthropic.
Extended access:
Over 40 additional organizations that maintain critical software, including open-source projects.
Financial commitments:
– $100M in Mythos Preview usage credits for partners and critical software maintainers
– $2.5M to Alpha-Omega and OpenSSF via the Linux Foundation
– $1.5M to the Apache Software Foundation
The partner list notably includes companies that were hit by the initial stock sell-off. Both CrowdStrike and Palo Alto Networks saw significant drops when the Mythos leak first broke, and both are now founding partners in the defensive initiative.
How the Claude Mythos Leak Happened
The irony of an AI safety company accidentally leaking its most sensitive model through a misconfigured database has not gone unnoticed.
Security researchers Roy Paz of LayerX Security and Alexandre Pauwels of the University of Cambridge discovered that close to 3,000 unpublished assets on Anthropic’s website were publicly accessible. These included images, PDFs, audio files, and draft blog posts describing Claude Mythos in detail.
The root cause was a configuration error in Anthropic’s content management system. Assets uploaded to the CMS were public by default unless someone explicitly changed a setting to keep them private. Anthropic forgot to restrict access to the Mythos materials.
After Fortune reviewed the documents and contacted Anthropic, the company restricted public access and acknowledged the leak as “human error.” As one Futurism article put it, Anthropic “leaked upcoming model with unprecedented cybersecurity risks in the most ironic way possible.”
Market Impact
The leak triggered an immediate sell-off in cybersecurity stocks on March 27, 2026. If AI can find and exploit vulnerabilities faster than humans can patch them, the value proposition of existing cybersecurity companies takes a hit.
| Company | Ticker | Drop |
|---|---|---|
| Tenable | TENB | 9% |
| Okta | OKTA | 7%+ |
| Netskope | Private | 7%+ |
| CrowdStrike | CRWD | 6-7% |
| Palo Alto Networks | PANW | 6-7% |
| SentinelOne | S | 6% |
| Zscaler | ZS | 4.5-6% |
| iShares Cybersecurity ETF | CIBR | 4.5% |
Broader software stocks and Bitcoin also slid. Analysts at Evercore noted the model’s capabilities raise questions about whether AI could fundamentally reshape the cybersecurity landscape. The Pentagon has also reportedly taken interest, seeing potential applications for national defense.
The Project Glasswing announcement on April 8 may help stabilize sentiment, given that several of the hardest-hit companies (CrowdStrike, Palo Alto Networks) are now official partners in the defensive initiative.
Mythos 1 Comes to Claude Code and Claude Security
In May 2026, the model ID claude-mythos-1-preview briefly appeared inside public builds of Claude Code and the Claude Security dashboard before Anthropic pulled it. The strings spelled it out directly: “Access to the Claude Mythos model in Claude Code and Claude Security.” This is the clearest sign yet that Anthropic is commercializing Mythos beyond Project Glasswing.
Mythos 1 is the numbered, production version of the April research model. It shows a step change in code reasoning and autonomy over the standard Claude Opus 4.8 line, which is why Anthropic is positioning it as the engine behind its agentic coding tool and its enterprise vulnerability scanner rather than a general chatbot. Unlike Mythos 5 and Fable 5, this enterprise security track was not named in the June 12 government order and continues to roll out.
Claude Security is Anthropic’s vulnerability-scanning product, first launched as a research preview in February 2026. With Mythos 1 underneath, it can surface and triage software flaws at a depth no previous model matched. Access is currently limited to Claude Enterprise customers, with Team and Max subscribers listed as coming later and no firm date attached.
Observers tracking Anthropic’s enterprise SKUs place the wider rollout in the late-June to early-July 2026 window. Anthropic has only said it looks forward to “making Mythos-class models available through a general release” once the safeguards are ready.
Claude Fable 5: The Mythos-Class Model That Briefly Went Public
On June 9, 2026, Anthropic launched Claude Fable 5 and Claude Mythos 5, two names for the same underlying model. Fable 5 was “a Mythos-class model that we’ve made safe for general use,” and for three days it was the first Mythos-class model the public could actually touch. Mythos 5 was the unrestricted sibling, with safeguards lifted for Project Glasswing’s cyber partners and a small set of vetted biomedical researchers. Both were pulled offline on June 12 by the government order described above.
During its brief window, Fable 5 led on nearly every benchmark Anthropic tested, with the highest score of any model on Hebbia’s Finance Benchmark and the top result among frontier models on Cognition’s FrontierCode. In one case study, it compressed a migration of a 50-million-line Ruby codebase from months into days.
Pricing was set at $10 per million input tokens and $50 per million output tokens, less than half the cost of Mythos Preview, and Fable 5 was free on Pro, Max, Team, and Enterprise plans from June 9 before the suspension cut the promotion short. It shipped on the Claude API as claude-fable-5, in the Claude apps, and through Amazon Bedrock, Google Vertex AI, and Microsoft Foundry, all of which now return it as unavailable.
The safety gating is what separated Fable 5 from Mythos 5. Three classifiers, covering offensive cybersecurity, biology and chemistry, and model distillation, automatically routed risky requests to Claude Opus 4.8 instead, and Anthropic said more than 95% of Fable sessions involved no fallback at all. External red-teamers found no universal jailbreaks in more than 1,000 hours of testing, the same point Anthropic later raised in disputing the government order. For the full breakdown, read our guide to Claude Fable 5 and Mythos 5.
When Can You Use Claude Mythos
Right now, you cannot use any Mythos-class model. The original Mythos Preview and the unrestricted Mythos 5 stay locked to Project Glasswing’s vetted partners, and the one public option, Claude Fable 5, was suspended on June 12, 2026 under the US government order. Anthropic says it is working to restore Fable 5 and Mythos 5 access, but it has given no date, and as of mid-June both remain offline.
The one track still moving is enterprise security. Mythos 1 capabilities continue rolling into Claude Code and the Claude Security dashboard for Claude Enterprise customers, with Team and Max access flagged as coming later, because that product was not named in the government order. For everyone else, the practical answer to “when can I use Claude Mythos” is: not until Anthropic and the government resolve the export-control dispute.
When it was live, Fable 5 cost $10/$50 per million input and output tokens, while the restricted Mythos Preview sat at $25/$125, five times the cost of Claude Opus 4.8. Anthropic has been explicit that the most dangerous capabilities stay gated regardless, so offensive cybersecurity, biology, and chemistry requests on Fable 5 fell back to Opus 4.8, and a Cyber Verification Program lets legitimate security professionals apply for exceptions to those safeguards. The original Mythos Preview is still not headed for general release; Anthropic has said it “does not plan to make Claude Mythos Preview generally available.”
What This Means for You
For developers and engineers. A model scoring 93.9% on SWE-bench Verified and 77.8% on SWE-bench Pro represents a generational leap in AI-assisted coding. Mythos-class capabilities briefly reached general availability through Claude Fable 5 before the June 12 suspension, and the three-day public run showed the ceiling, with complex debugging, multi-file refactoring, and end-to-end feature implementation all improving dramatically once a Mythos-class model is back online.
For cybersecurity professionals. Project Glasswing is your signal to engage. If you maintain critical software or open-source infrastructure, Anthropic is actively distributing credits and access. The 90-day reporting window means concrete findings and recommendations are coming soon.
For everyday AI users. The most powerful Claude models are off the table for now, but the current flagship, Claude Opus 4.8, was untouched by the order and remains fully available, and the Mythos 1 rollout keeps pushing deeper capability into coding and security tools. Fello AI gives you access to frontier Claude models alongside GPT, Gemini, Grok, and DeepSeek in a single app across Mac, iPhone, and iPad, for one monthly price.
AI models capable of finding decades-old vulnerabilities in the world’s most audited software represent both a serious risk and a powerful defensive tool. Project Glasswing is Anthropic’s bet that deploying these capabilities defensively, with the right partners and safeguards, is better than waiting for them to spread uncontrolled.
In related news, read how Claude Mythos was used to exploit Apple’s M5 chips.
FAQ
Why was Claude Mythos shut down?
On June 12, 2026, the US government issued an export-control directive barring foreign nationals from accessing Mythos 5 and Fable 5 over national-security concerns about their cyber capabilities, reportedly after learning of a jailbreak. Because Anthropic cannot filter foreign nationals from US users in real time, it suspended both models worldwide. Anthropic disputes the order and says it is working to restore access.
Can you use Claude Mythos now?
Not as a general user. The public option, Claude Fable 5, was suspended on June 12, 2026 and remains offline with no restore date. The original Mythos Preview and Mythos 5 stay locked to Project Glasswing partners, while Mythos 1 capabilities are still rolling out to Claude Enterprise customers inside Claude Code and the Claude Security dashboard.
Who has access to Claude Mythos?
Twelve founding Project Glasswing partners and more than 40 critical-software maintainers use the restricted versions, and Claude Enterprise customers get Mythos 1 through Claude Code and Claude Security. Public access via Fable 5 is currently suspended for everyone.
How powerful is Claude Mythos?
Mythos Preview scored 93.9% on SWE-bench Verified against 80.8% for Claude Opus 4.6, and it helped find more than 10,000 high- and critical-severity vulnerabilities, some hidden in heavily audited software for over two decades.
Is Claude Mythos dangerous?
Anthropic considers the unrestricted model risky enough to keep out of public hands. It writes working exploits autonomously and, in testing, escaped its sandbox and hid its actions, which is why public access runs through the safeguarded Claude Fable 5 instead.
