Anthropic Restores Claude Mythos 5 Access for Select US Critical Infrastructure Organizations

Anthropic has confirmed that Claude Mythos 5, its strongest cybersecurity model, can be redeployed to selected U.S. organizations that operate and defend critical infrastructure.

The partial restoration follows a U.S. government directive that forced Anthropic to suspend access to Claude Mythos 5 and Claude Fable 5 on June 12. According to Reuters, more than 100 trusted organizations are expected to regain access to Mythos 5.

Anthropic said it is restoring access quickly for approved organizations while continuing talks with the government about expanding Mythos 5 availability and bringing Claude Fable 5 back for general use.

What Changed With Claude Mythos 5 Access

The latest decision partially reverses a broad restriction imposed earlier in June. Anthropic said the government has now allowed Mythos 5 to return for a defined group of U.S. entities tied to critical infrastructure defense.

This does not mean Mythos 5 is returning as a public model. The redeployment remains limited, and access is still controlled through a trusted program.

The decision matters because Mythos 5 is designed for high-end cybersecurity work. Anthropic has described it as a model with unusually strong ability to find software vulnerabilities and support defensive security operations.

Item	Status
Claude Mythos 5	Allowed for selected U.S. critical infrastructure organizations
Claude Fable 5	Still unavailable for general use at the time of the update
Access model	Restricted, trusted-access deployment
Main use case	Defensive cybersecurity and vulnerability discovery
Government role	Review and approval of access for selected organizations

Why Access Was Suspended Earlier

On June 12, Anthropic said the U.S. government issued an export control directive that required the company to suspend access to both Fable 5 and Mythos 5.

In its June 12 statement, Anthropic said the directive cited national security authorities and applied to foreign nationals, including foreign national employees inside the United States.

Anthropic said the order forced it to disable access for all customers to ensure compliance. The company also said the government did not provide specific details about its national security concern at the time.

Mythos 5 Is Built for Advanced Cybersecurity Work

Anthropic introduced Claude Mythos 5 as part of a broader launch alongside Claude Fable 5. The company said Mythos 5 uses the same underlying model as Fable 5, but with safeguards lifted in some areas for approved cyberdefenders and infrastructure providers.

The Claude Fable 5 and Mythos 5 launch post described Mythos 5 as Anthropic’s strongest cybersecurity model and said it would initially be deployed through Project Glasswing in collaboration with the U.S. government.

That restricted design reflects the model’s dual-use nature. The same capabilities that can help defenders find serious software flaws could also help attackers if released without tight controls.

• Mythos 5 is focused on cybersecurity and defensive use cases.
• Fable 5 uses the same underlying model but includes broader safeguards.
• Mythos 5 is not a general public release.
• Access is tied to trusted organizations and critical infrastructure defense.
• Anthropic is still working with the government on broader access rules.

Project Glasswing Is the Main Deployment Channel

Project Glasswing is Anthropic’s program for giving vetted defenders access to advanced AI capabilities so they can find and fix vulnerabilities in critical software.

Anthropic launched Project Glasswing in April with partners including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.

The project was created because Anthropic said Claude Mythos Preview had reached a level where it could find and exploit serious software flaws at a speed and scale that would reshape cybersecurity.

Glasswing Had Already Expanded Before the Suspension

Before the June 12 suspension, Anthropic had started widening access to the program. The company said early partners were already using Mythos Preview to scan codebases for security issues.

In the Project Glasswing expansion announcement, Anthropic said it was adding about 150 new organizations in more than 15 countries. The added partners included organizations in power, water, healthcare, communications, and hardware.

The new redeployment is narrower than that earlier international expansion. It focuses on U.S. organizations that operate and defend critical infrastructure, based on the latest government approval.

Timeline	Event
April 2026	Anthropic launched Project Glasswing with initial partners and Claude Mythos Preview
May 2026	Anthropic said partners had found more than 10,000 high or critical security flaws
June 2, 2026	Anthropic announced an expansion to about 150 more organizations
June 9, 2026	Anthropic launched Claude Fable 5 and Claude Mythos 5
June 12, 2026	U.S. government directive led Anthropic to suspend access
June 27, 2026	Anthropic confirmed a limited Mythos 5 redeployment for approved U.S. entities

Why Critical Infrastructure Organizations Are First

Critical infrastructure operators manage systems that support power, water, healthcare, communications, finance, transport, and other essential services. Software flaws in these environments can create public safety, economic, and national security risks.

Anthropic’s initial Project Glasswing update said its partners had found more than 10,000 high or critical severity vulnerabilities in the first weeks of the program.

That scale explains why the government-approved redeployment focuses first on defenders. If advanced AI can rapidly find serious flaws, infrastructure operators may need access before adversaries develop or obtain similar capabilities.

What Makes Mythos Different From Fable

Anthropic says Claude Fable 5 is a Mythos-class model made safe for general use. Fable 5 includes safeguards that redirect some sensitive requests to a less capable model.

Mythos 5, by contrast, is intended for a smaller group of cyberdefenders and infrastructure providers. The model launch page says Mythos 5 has safeguards lifted in some areas because approved defenders need access to more advanced cybersecurity capabilities.

That split gives Anthropic a way to offer broad access to a safer general model while keeping the most sensitive cybersecurity capabilities inside a controlled program.

Government Controls Are Still Controversial

The limited restoration also raises questions about who decides which organizations receive access to frontier AI systems. Some critics argue that government-controlled access lists can create uncertainty and uneven market treatment.

Reuters reported that the government’s role in choosing approved organizations has drawn criticism from free-speech and policy observers. The report also said many approved companies are part of Project Glasswing.

Since June 12, we’ve been working closely with the US government to restore access to Claude Mythos 5 and Fable 5. Today, the government notified us that Mythos 5, our strongest cybersecurity model, can be redeployed to a set of US organizations that operate and defend critical…

— Anthropic (@AnthropicAI) June 27, 2026

Anthropic has said it supports government authority to block unsafe deployments, but wants that process to be transparent, fair, clear, and grounded in technical facts.

What This Means for Cyber Defenders

For approved organizations, restored Mythos 5 access could improve vulnerability discovery, code review, exploit analysis, and defensive testing. It may also help teams find security flaws before attackers can weaponize them.

Anthropic said Project Glasswing partners would use Mythos Preview for tasks such as local vulnerability detection, black box testing, endpoint security, and penetration testing of systems.

That type of work could be especially useful for organizations with large codebases, complex legacy systems, and limited time to patch critical software before exploitation risk rises.

• Security teams may use Mythos 5 to scan large codebases.
• Infrastructure providers may test critical systems before attackers do.
• Open-source maintainers may receive faster help finding severe bugs.
• Defenders may need stronger processes for triage and patch deployment.
• Access controls will remain central because the model has dual-use capability.

The Broader AI Security Question Remains

The redeployment solves one immediate problem for selected U.S. defenders, but it does not settle the larger policy debate. Frontier AI models are becoming more capable at cybersecurity, and governments are trying to decide how to manage the risk without slowing defensive use.

Anthropic’s suspension statement argued that commercial model recalls should follow a transparent and technically grounded process. The company also said it was complying with the directive while working to restore access.

The latest limited restoration shows that Anthropic and the U.S. government are still trying to find that balance. The immediate priority is giving approved defenders access to Mythos 5 while keeping broader access restricted until additional safeguards and policy decisions are resolved.

What Happens Next

Anthropic says it will continue working with the government to expand Mythos 5 access and return Fable 5 to general availability. No full public timeline has been announced.

The Glasswing expansion plan suggests Anthropic still wants broader participation across industries and countries over time. However, the latest approval shows that near-term access will remain more selective.

For now, the key development is clear: Claude Mythos 5 is coming back first for U.S. critical infrastructure defenders, not for the general market.

FAQ