Anthropic’s new AI Claude Mythos Goes Public: How Does This Impact Your Cyber Security?

By Tomas Evans, PureCyber Chief Offensive Security Officer

Developer Anthropic’s new AI model Fable 5 (aka Claude Mythos) has been released to the public, but there are plenty of security implications to consider after its private preview.

Under the name Project Glasswing, Anthropic quietly gave a handful of organisations access to Claude Mythos Preview in April 2026, an AI model whose capabilities had crossed such a threshold that Anthropic were not comfortable releasing it publicly. This week, Anthropic released the public version under the name Fable 5 to a wave of coverage.

At PureCyber, we’ve been watching the situation closely, and we wanted to share our honest assessment of what it means, including:

  • The results from closed testing

  • Cost implications

  • Security guardrails

  • The issues presented by scaling

What the Private Testing Actually Showed

The results from Glasswing provoked a lot of discussion across the tech world, and with good reason; they are striking. Across the participating organisations, more than 10,000 high- or critical-severity vulnerabilities were identified, including bugs in every major operating system and browser that had survived years of human review.

Of course, the numbers are impressive on their own, but there are some very intriguing results within them. For example, Anthropic's own red team found a 27-year-old vulnerability in OpenBSD (an open-source operating system built to be secure by default) at a reported cost of under $20,000.

From an offensive perspective, the UK AI Security Institute ran Mythos through a 32-step corporate network attack. It completed the sequence in three out of ten attempts, which AISI described as the largest cyber capability jump it had ever recorded from a single model.

The Cost Question

Fable 5 will be priced at roughly five times the cost of Opus 4.6, Anthropic’s agent-focused AI model released in February of this year. During the preview window, usage was covered by a pool of 'effectively free' Anthropic credits, but once that pool expires, the economics might shift.

The headline finding of ‘$20,000 to identify a zero-day exploit on OpenBSD’ sounds expensive or cheap, depending on who you ask. But this is just the tip of the iceberg.

Compared to what it would have cost to utilise the time of a skilled researcher, $20,000 is peanuts. However, this misses the point; it discounts the hundreds, thousands or millions of other avenues that were explored that drew blanks.

In reality, the $20,000 is an average across nearly a thousand runs (including dead ends), meaning the true cost is likely closer to $20,000,000. Anyone quoting a per-finding price without accounting for failed runs is selecting the flattering number while ignoring the wider picture.

My prediction at PureCyber is that Fable will change the cyber security landscape, but perhaps not quite as much as people expect. To break it down simply, the expensive part is not the token cost to find an individual vulnerability or zero-day; it’s the volume of dead ends you have to explore before you find something significant.

The real questions are:

  • Will Fable be used to find new security vulnerabilities? Yes.

  • Will it be used at scale? Also, yes.

  • However, can every business afford to spend $20,000 (let alone $20,000,000) to find a vulnerability? No.

Where Fable will earn its premium is on the deep, novel, multi-step exploit chains. This is the class of vulnerability finding that previously required weeks of senior researcher time; instead, that existing expertise will be used more efficiently, to discover and improve framing.

That doesn't mean the CIA, NSA, or GCHQ won't be using Fable, but the cost of scanning every software package to the depth required is likely going to be the major stumbling block. Instantly, we move away from capability and have to look at the economics.

The Scaling Problem is the Real Concern

The headline of “new AI finds thousands of zero-day exploits” is definitely attention-grabbing. The harder problem sits one step downstream, and it is where we think the real operational risk lives for most organisations.

AI models such as Mythos and Fable do not find one vulnerability; they find thousands. The disclosure, triage and remediation process has been built over decades, with human timelines: 90-day disclosure windows, 14-day patching windows and quarterly penetration testing cycles. With Mythos finding vulnerabilities at such a high rate during preview, each of these is now too slow.

The window between discovery and weaponisation was already around 20 hours before Mythos existed. Now, organisations may be expected to act and remediate vulnerabilities almost as quickly as Mythos discovered them, and most simply don’t have the capabilities or resources to do that. 

For software vendors, the implications are seismic. A scan by this model can produce findings faster than any engineering team can triage them, let alone patch. But that comes with a huge caveat; being handed hundreds of critical findings is not a security improvement if there is no capacity to act on them.

Can the Guardrails Hold?

Anthropic's stated reason for withholding Mythos from general release earlier this year was that its capabilities are dangerous enough to justify building new safety controls before broader release, and that’s certainly wise. Up until now, partners that were given a preview of its capabilities were vetted, and activity was limited to defensive cyber security capabilities against their own infrastructure or code.

For context, the overarching fear about Claude Mythos is valid, as a frontier AI with advanced security capabilities could assist cyber criminals. But for balance, every AI model with the capability to aid an attacker can do the same for a defender. And Anthropic’s decision to restrict Mythos’ initial release via Glasswing can be seen as an indicator of their deliberate approach to reduce any potential harm.

It is the public release that’s been prompting real concern across the sector, because Mythos does not care whose code it scans, or whose systems it tests. Just as you can run audits against your own code and infrastructure, you could just as easily target it against a competitor's codebase and vice versa, which has huge implications.

Truthfully, we will only know how strong the guardrails are when the public has had time to use it themselves.

Conclusion

At this stage, it’s important to note that we don’t have the full picture when it comes to Fable’s full impact, so any predictions we offer have to come with caveats.

Personally, I don’t think Fable will change the world to the extent that it’s been hyped to. It will certainly empower users as it lowers the barrier for defensive and offensive cyber security capabilities, and could act as a useful aid for industry experts or analysts to become more efficient.

However, it’s certainly got the power to increase the strain on companies and cyber-related processes that are already at breaking point due to its scaling capabilities, and that can’t be seen as a net positive.

For the time being, we will continue to monitor the situation and provide our expertise and guidance where it’s needed to ensure our clients effectively and safely leverage all AI models.
