Red Hot Cyber
Cybersecurity, Cybercrime News and Vulnerability Analysis
Anthropic has confirmed that Claude Mythos, its most powerful artificial intelligence model for cybersecurity, will be redeployed to a select group of US organizations responsible for operating and defending critical infrastructure. This follows a government-led review process that began on June 12, 2026.
“We are rapidly restoring access for these organizations and continue to collaborate with the government to expand access to Mythos 5 and make Fable 5 available again for general use,” the company stated on Friday.
Claude Mythos first gained attention in April 2026, when Anthropic described it as a potential “game-changer” in cybersecurity. The model was so advanced that the company initially decided not to release it publicly. Claude Mythos has demonstrated an unprecedented ability to autonomously discover software vulnerabilities, identifying thousands of high-severity flaws in every major operating system and web browser.
Among the documented results is a vulnerability in OpenBSD that had existed for 27 years, a flaw in FFmpeg that had been hidden for 16. The model can create exploits that can leverage vulnerabilities to gain complete kernel Linux privileges. The model had a 72% success rate in generating functional exploits and chaining vulnerabilities on the first attempt.
This is a significant result, especially when compared to the 0% of the previous Opus model. In response to these capabilities, Anthropic decided to launch the Project Glasswing program. This is a closed program with trusted access, meaning only select organizations can participate. Among these organizations are US government agencies and major technology partners like Apple, Amazon, and Microsoft. Anthropic has invested up to $100 million in Claude credits to support this effort. The goal is to limit access to around 200 select organizations, ensuring that these capabilities are used responsibly.
On June 12, 2026, Anthropic suddenly suspended access to both Claude Mythos 5 and Claude Fable 5 for all Glasswing partners. The company stated that it was working closely with the US government to restore access as soon as possible.
The suspension left critical infrastructure defenders without access to the model’s advanced capabilities in threat detection and vulnerability identification.
According to Anthropic, as of June 27, 2026, the US government has officially notified Anthropic that Claude Mythos 5 can be redeployed to a defined group of US organizations operating and defending critical infrastructure. Anthropic has confirmed that it is acting quickly to restore access for these validated entities.
The company has also stated that it will continue to collaborate with the government towards a broader expansion of access to Mythos 5 and the return of Claude Fable 5, its most capable general-use model for unrestricted use.
This development has significant implications for the cybersecurity community.
Defenders working in critical sectors like energy, healthcare, financial services, and telecommunications will once again have access to a tool that can quickly find zero-day vulnerabilities on its own.
The resumption of the use of this tool is taking place gradually and with great care, both by Anthropic and the US government. The goal is to utilize the most advanced artificial intelligence capabilities to strengthen national defense against cyberattacks, while also being mindful of controlling the risks associated with the use of these technologies for offensive purposes.
