Anthropic’s Claude Fable 5 Goes Public as Crypto Takes the Risk

Anthropic released Claude Fable 5 publicly on Tuesday, the first Mythos-class AI model the firm has made available to anyone. The release lands in the same week the company confidentially filed for an IPO, and the same month crypto lost over $600 million to hacks. Crypto is watching, and so is the US government.

The public model shipped with three layers of guardrails. A second, more powerful version, Claude Mythos 5, went out the same day to about 150 cyberdefenders and infrastructure providers, with no limits on cybersecurity or biology queries. Both models come from the Mythos line Anthropic had been previewing behind a closed program since April.

Anthropic’s Mythos Lands in Public, With Three Locks on the Door

Anthropic calls Fable 5 its most capable model ever made generally available. “It is state-of-the-art on nearly all tested benchmarks of AI capability, showing exceptional performance in software engineering, knowledge work, vision, scientific research, and many other areas. The longer and more complex the task, the larger Fable 5’s lead over our other models,” the firm said in its Tuesday announcement. Fable 5 and the parallel Mythos 5 release are priced at $10 per million input tokens and $25 per million output tokens, roughly twice the price of Anthropic’s current Claude Opus models and less than half what the Mythos Preview charged.

It is state-of-the-art on nearly all tested benchmarks of AI capability, showing exceptional performance in software engineering, knowledge work, vision, scientific research, and many other areas. The longer and more complex the task, the larger Fable 5’s lead over our other models.

Three “classifiers” watch for three specific patterns. The first reroutes queries about “agentic hacking” or other cybersecurity exploits. The second catches biology and chemistry questions that could feed bioweapon development. The third blocks “distillation,” or attempts to use Fable 5 to train a competing AI model. The locks are narrow, and the categories are explicit.

Queries that trip the classifiers get handed to Claude Opus 4.8, the previous top-tier model, instead of Fable 5. Anthropic says the rerouting kicks in for a small share of sessions, but the rules leave a gray zone for legitimate security research on Fable 5 itself. The locked doors are not the whole story: a second, unlocked Mythos 5 went out the same day.

The 150 Groups That Get Mythos Without the Locks

A second model, Claude Mythos 5, shipped the same day as Fable 5. This one has no limits on cybersecurity or biology, depending on the organization’s specific use case. The BBC reports that roughly 150 groups had been previewing Mythos since April under a restricted program called Project Glasswing’s expansion to 150 partners, and Anthropic said Tuesday those groups now get the unlocked version.

Project Glasswing is the consortium Anthropic built in April with AWS, Microsoft, Apple, and CrowdStrike, among others, to test the model in defensive work. The early returns are the clearest case for the unlocked model: to date, groups and companies using Mythos have reported finding more than 10,000 critical security flaws in their systems, according to the BBC. Anthropic said the unlocked access is still limited to a “small group of cyberdefenders and infrastructure providers” but the firm intends to widen that. “We intend to expand access to Mythos 5 through a broader trusted access program,” the company said.

Where the Crypto Risk Actually Lives

Crypto commentators are watching the release for a different reason: smart contracts are safe once deployed. The exposure sits one layer up, at the front-ends, browser extensions, bridges, and servers holding private keys. “Smart contracts are hard for Mythos to touch because they are locked in once deployed, and the big protocols ‘audit them to death,'” market commentator The Milk Road said in a Tuesday note.

Front-ends, browser extensions, bridges, and the servers holding private keys are all fair game. An attacker who finds a zero-day there can slip in malicious code and drain wallets before anyone notices.

The Milk Road’s read: an attacker who finds a zero-day in any of those surfaces can slip malicious code in and drain wallets before the chain itself notices. The locked contracts and the exposed code around them are the asymmetry the new tooling widens.

The exposure is not theoretical. According to DefiLlama data cited by April 2026’s $600 million crypto hack wave, more than $600 million was stolen across nearly 30 separate crypto hacks in April 2026, the worst month in crypto security history. The pattern kept going into May. The Milk Road’s bottom line: a Mythos-class tool would make the next wave of these exploits faster and cheaper to run, not invent new ones.

Defenders and attackers will be working off the same model, the BBC’s reporting on the unlocked Mythos 5 makes clear. Canadian Finance Minister François-Philippe Champagne told the BBC in April that attention on Mythos was warranted, in part, because of “the unknown, unknown.” The Milk Road’s more measured take: serious DeFi teams will use the same tools to harden their protocols faster than attackers can break them.

• $600 million stolen in crypto hacks across April 2026 (DefiLlama)
• Nearly 30 separate crypto hacks in a single month
• April 2026 was the worst month in crypto security history
• 10,000+ critical security flaws found by Mythos Preview users in two months

The Defenders’ Early Returns

The defender case is the clearest evidence the model can do useful, not just risky, work. The BBC reports that Mythos Preview users have found more than 10,000 high or critical security flaws in the two months since what the Mythos preview revealed about patches. The flaws run across partners that include Apple, Microsoft, AWS, and CrowdStrike.

Anthropic has been expanding the program. The firm said in late May that it would add roughly 150 new organizations in more than 15 countries, per the company’s own Glasswing expansion update. Both Fable 5 and Mythos 5 can work “unattended” on longer tasks “than any previous Claude models,” Anthropic said, which is the underlying capability the 10,000 flaws rest on. Stripe said Fable 5 compressed months of engineering work into days, and a separate Mythos run completed a large Ruby codebase migration that would have taken a team over two months, per Anthropic’s own claims.

The same model that finishes a migration in a weekend is the model a thief would point at a vulnerable bridge. The locked doors in Fable 5 exist because the underlying capability is real, and the public release is the first time non-defenders can run the same architecture. Project Glasswing‘s defenders and the public users of Fable 5 are now working off the same model, on different sides of the locks.

An IPO in the Same Week as a Federal Executive Order

The release lands inside a financial and regulatory window. Anthropic confidentially filed a draft S-1 with the SEC on June 1, eight days before the model went public, as detailed in Anthropic’s $965 billion round and the S-1. The filing was made under Rule 135, which lets a company signal its intent to go public without yet disclosing share counts or pricing.

The firm was valued at $965 billion in a late-May funding round, putting it ahead of rival OpenAI on price, per Anthropic’s confidential S-1 filing with the SEC. A $1 trillion public listing has been floated as a possible price. OpenAI also confidentially filed for an IPO this month, so the two frontier-model labs are now both formally in the SEC’s queue.

One day after Anthropic’s S-1, President Trump signed an executive order titled “Promoting Advanced Artificial Intelligence Innovation and Security.” The order builds a voluntary framework in which AI developers can let the federal government access “covered frontier models” for up to 30 days before releasing them to other trusted partners, per the White House’s June 2 AI executive order. The order is explicit: it does not create a mandatory licensing or preclearance regime. Anthropic is in an active lawsuit against the US Department of Defense over its refusal to accept government use of Anthropic’s AI tools, the BBC reports, and US agencies have still been testing Mythos in parallel. The interplay between the order and the IPOs is covered in the Trump order and the Anthropic IPO.

Frequently Asked Questions

What is Claude Fable 5?

Claude Fable 5 is Anthropic’s first publicly available Mythos-class AI model, released on June 9, 2026. Anthropic calls it the most capable model the firm has ever released for general use, with stated leads on software engineering, knowledge work, vision, scientific research, and other benchmarks.

How is Claude Fable 5 different from Claude Mythos 5?

They are essentially the same underlying model with different safeguards. Fable 5 is the public release and ships with three classifiers that reroute sensitive cybersecurity, biology and chemistry, and distillation queries to the older Claude Opus 4.8. Mythos 5 is the same model given to a closed group of about 150 cyberdefenders and infrastructure providers, with no limits on cybersecurity or biology queries.

Is Claude Fable 5 a threat to crypto wallets?

The Fable 5 safeguards specifically reroute cybersecurity exploit queries, which limits how a public user can weaponize the model directly. The market commentator The Milk Road said the larger risk is that Mythos-class tooling, whether or not it is locked down in the public release, will let attackers find zero-days in front-ends, browser extensions, bridges, and key-management servers faster, and drain wallets before defenders notice.

What is Anthropic’s IPO status?

Anthropic confidentially submitted a draft S-1 to the SEC on June 1, 2026, under Rule 135. The firm was valued at $965 billion in a late-May funding round, ahead of rival OpenAI, which also filed this month. A $1 trillion public listing has been floated as a possible price, and the exact timing of any listing is not yet set.

What does Trump’s AI executive order do?

The order, signed on June 2, 2026, creates a voluntary framework for AI developers to share access to “covered frontier models” with the federal government for up to 30 days before releasing them to other trusted partners. The order does not create a mandatory licensing regime, and it does not require preclearance of new models.