QWE AI Academy Here’s what you should be able to do by the end of this post: log into your Anthropic console (or Bedrock account), confirm whether your org sits on the newly unfrozen trusted list, flip Mythos 5 back on for your security team, and – if you’re not on the list – wire up a Fable 5 plus Opus 4.8 fallback that handles the majority of the same cyber workflow without breaking export rules.
That’s the goal. Let me walk you backwards through how to get there, because the news that just dropped is more actionable than most coverage is making it sound.
The Mythos AI news in one paragraph
On June 26, 2026, Anthropic said the US government is letting it redeploy Claude Mythos 5 – its strongest cybersecurity model – to a set of US organizations that defend critical infrastructure. This partially reverses the June 12 order that suspended access over national security concerns. A source familiar with the directive told Reuters that more than 100 companies and institutions, including many Fortune 500 firms, will get access. Most of them are already part of Anthropic’s Project Glasswing program.
Reaction online has been split between “finally” and “who decided this list?” John Coleman of the Foundation for Individual Rights and Expression pointed out that no published criteria exist for which companies are picked or why everyone else is excluded. Fair point. It also doesn’t change what you can do today.
What Mythos actually is (the 30-second version)
Fable 5 and Mythos 5 are the same underlying model. The difference: Fable 5 runs hard classifiers on cybersecurity and biology queries and routes those to Opus 4.8. Mythos 5 has those classifiers lifted for vetted partners. That’s it.
Why does the capability gap matter? The Anthropic red team benchmark on Firefox 147 put it starkly: Opus 4.6 turned vulnerabilities into working exploits 2 times out of several hundred attempts. Mythos Preview: 181 times. That’s not an incremental bump – it’s a different category of tool. The UK AI Security Institute’s evaluation found Mythos Preview could execute multi-stage attacks on vulnerable networks and discover exploitable bugs autonomously – work that would take human professionals days.
There’s something genuinely strange about this situation: the organizations best positioned to defend critical infrastructure are the ones who had to sit on their hands for two weeks waiting for a government permission slip to use a tool from their own vendor. Defenders wait; attackers don’t. That asymmetry is worth sitting with before we get into the setup steps.
Method A vs Method B: pick your path
Two paths. They look similar on paper. They’re not.
| Method A: Direct Mythos 5 | Method B: Fable 5 + Opus 4.8 fallback | |
|---|---|---|
| Who it’s for | Orgs on the trusted list (mostly Glasswing partners) | Everyone else |
| Cost (as of June 2026) | $10 / $50 per M tokens (in/out) | Fable 5 standard pricing; cyber queries silently use Opus 4.8 |
| Cyber capability | Full – classifiers lifted | Limited – routed to a weaker model when it matters most |
| Data retention | 30-day mandatory, all surfaces | 30-day mandatory for Fable 5 too |
| Time to start | Minutes (if pre-approved) | Minutes (no approval needed) |
The winner depends entirely on whether your name’s on the list. At $10/$50 per million tokens (as of June 2026), Mythos 5 is less than half the cost of Mythos Preview’s old $25/$125 pricing – so if you qualify, the upgrade case is straightforward. If not, Method B is your only legal option until the trusted access program expands.
The walkthrough: turning Mythos 5 back on
Assuming you’re on the redeployment list, here’s the actual sequence. Less dramatic than you’d think.
Step 1 – Confirm your access in the console
Log into console.anthropic.com. If your org is approved, the model picker shows claude-mythos-5 again. If access still appears unavailable, your org likely isn’t in the current cohort – check back as Anthropic has indicated access will expand.
Step 2 – Update your model ID
Same API contract as Claude. Swap the model ID:
from anthropic import Anthropic
client = Anthropic()
msg = client.messages.create(
model="claude-mythos-5",
max_tokens=4096,
messages=[{"role": "user", "content": "Audit this auth flow for IDOR."}],
)
print(msg.content[0].text)On Bedrock the ID is anthropic.claude-mythos-5. Per the AWS Bedrock model card: temperature must be 1.0 or unset, top_p must be ≥ 0.99 and < 1.0 or unset, and top_k is not supported. If you copied an old Opus pipeline that set temperature=0.2, you’ll get rejected. This trips up a lot of teams on day one.
Step 3 – Use Anthropic’s own scanning pattern
Most teams skip this. Turns out Anthropic’s red team doesn’t just dump a codebase at Mythos – they ask Claude to rank each file 1-5 by likelihood of containing interesting bugs (a 1 might define constants; a 5 parses internet data or handles auth) and start with the highest-ranked files. Copy that pattern. It’s the difference between a $50 scan and a $5,000 one.
After the scan, run a second pass asking Claude to confirm whether each finding is real and worth acting on. Anthropic uses a similar triage step internally to filter technically valid but low-value findings. It cuts your queue.
Step 4 – Plan for the 30-day data window
30-day retention on all Mythos-class traffic – on both the Anthropic API and third-party surfaces like Bedrock. Most teams don’t realize Bedrock is included. The data won’t be used to train new models, and it’s deleted after 30 days in almost all cases (per Anthropic’s Fable 5/Mythos 5 announcement). If you’re scanning code under NDAs or regulated workloads, run it past legal before you paste anything. This is the most overlooked detail in every Mythos write-up out there.
If you’re not on the list: the Fable 5 fallback
The catch: when you send a cyber-flavored prompt to Fable 5, the request hits a classifier, gets flagged as dual-use, and your response comes back from Opus 4.8. Silently. No error, no warning. Your prompt looks like it worked.
For threat modeling, code review, and standard SOC triage, Opus 4.8 is solid. For autonomous exploit development or deep vulnerability hunting in obscure parsers – it’s not the same tool. The Firefox 147 benchmark comparison (Opus 4.6 at 2 successful exploits vs. Mythos Preview at 181) gives you a sense of the ceiling difference, though note those numbers compare different model generations.
The workaround the security community has settled on: use Fable 5 for orchestration and reporting, route actual vulnerability-discovery prompts through Opus 4.8 directly so you at least know which model answered. Don’t pretend the rerouting isn’t happening.
Edge cases nobody’s talking about
- The 30-day retention window hits Bedrock too. Teams that run Mythos via Bedrock often assume they’re operating under AWS’s data terms. They’re not – Anthropic’s 30-day retention policy applies on all surfaces, including third-party ones. Run NDA-covered code past legal first.
- Adaptive thinking can’t be turned off. Per the AWS Bedrock model card, adaptive thinking is always on for Mythos 5. You can configure effort level, but you can’t get a quick cheap answer the way you can with Haiku. Budget accordingly on long agent runs.
- The benchmark gap you should actually look at. The gap is 11 points – Mythos 5 at 80.3% on SWE-bench Pro (as of June 2026), Opus 4.8 at 69.2%. That’s roughly the gap you’ll feel in real coding-agent work, not just security tasks.
- The unknown: vetting criteria aren’t public. Anthropic has said each new organization will need to meet security requirements before gaining access, but those requirements haven’t been published. Nobody outside the process knows the precise bar. Plan as if you won’t get in this quarter, and use Method B in the meantime.
FAQ
Can a small security consultancy get on the trusted list?
Realistically, not this wave. Current cohort is mostly Fortune 500 and critical-infrastructure operators.
Is Mythos 5 worth it if I’m not doing offensive security research?
Probably not. Mythos earns its premium in one specific scenario: autonomous vulnerability discovery in large, unfamiliar codebases – think scanning a 2-million-line C codebase for memory-safety bugs where you genuinely need the model to prioritize intelligently across thousands of files. For application code review, pull requests, or standard SOC triage, Opus 4.8 handles it well and costs less. You’d also be accepting 30-day retention overhead with no meaningful upside.
Will my existing Claude code break if I just change the model ID?
The sampling parameters will bite you. Strip explicit temperature, top_p, and top_k before switching.
Next action: open your Anthropic console right now, check if claude-mythos-5 is in the model dropdown, and if it is, run the file-ranking prompt from Step 3 on one repo before the weekend. That’s the smallest first move that tells you whether this changes your week.