Companies·3 min read·CNN

U.S. Clears Claude Mythos 5 for Infrastructure Defenders

Weeks after an export-control directive pulled Claude Mythos 5 offline worldwide, the U.S. government has cleared Anthropic to redeploy its most powerful cyber model — but only to a vetted set of organizations that defend critical infrastructure, and with safeguards attached.

CRITICAL INFRASTRUCTURE U.S. GOVERNMENT CLEARED CLAUDE MYTHOS ANTHROPIC · MYTHOS LINE Commerce Dept. lifts June 12 hold · June 27, 2026 BITSMINDS.COM Source: CNN · Anthropic
Share:

The U.S. government has cleared Anthropic to put Claude Mythos 5 — the model the company once described as a potential "cybersecurity reckoning" — back into the hands of a vetted set of organizations that operate and defend critical infrastructure. The decision, confirmed by Anthropic on June 27, comes barely two weeks after a federal export-control directive forced the company to pull Mythos 5 offline worldwide.

That hold took effect on June 12, when Anthropic suspended both Mythos 5 and the general-use Fable 5 to comply with a directive from the Commerce Department. According to CNN, Commerce Secretary Howard Lutnick has now determined that "appropriate safeguards are in place to permit certain trusted partners to access the Claude Mythos 5 Model," allowing a narrow redeployment rather than a full return to market.

Crucially, access is limited to a "defined set" of U.S. organizations charged with defending critical systems — spanning energy, financial services, healthcare and telecommunications — rather than the open developer market. The model returns through the same channel that has governed it from the start: Project Glasswing, Anthropic's vetted program that had grown to roughly 200 partners, among them government agencies and companies such as Apple, Amazon and Microsoft, before the suspension.

The tight leash reflects just how capable the model is at offensive cybersecurity. In testing detailed by Anthropic's red team, Mythos Preview generated 181 successful exploits against the Firefox JavaScript engine where the prior Opus model managed two, and achieved full control-flow hijack on ten separate, fully patched targets drawn from roughly 7,000 repository entry points. It surfaced a 27-year-old flaw in OpenBSD, a 16-year-old bug in the FFmpeg codec and a 17-year-old remote-code-execution vulnerability in FreeBSD (CVE-2026-4747). Anthropic says more than 99% of the vulnerabilities the model has found remain unpatched — the central reason the company has refused to put it in front of the general public.

For now, the broader restrictions stay in place. There is no public access to Mythos 5, and Fable 5, the first Mythos-class model intended for everyday use, has not yet returned. Anthropic says it is working with the government toward a wider expansion and the eventual reinstatement of Fable 5, but offered no timeline. The company has framed the moment carefully, acknowledging that the transition "may be tumultuous regardless" while arguing that, over the long run, "defense capabilities will dominate."

The episode is a live test of a question the industry has circled for months: whether a model powerful enough to find decades-old zero-days at scale can be released to the defenders who need it without arming the attackers it was built to outpace. Washington's answer, at least this week, is a conditional yes — pointed squarely at the operators keeping the lights, the networks and the payment rails running.

Want AI news before everyone else?

The morning's most important AI stories, straight to your inbox. No fluff.

Related Articles

FUNDING · PRIVACY-FIRST AIVenice AI Joins the UnicornsA $65M Series A led by Dragonfly — its first outside raise$65MSeries A$1BValuation$70MAnnual revenue3MActive usersEncrypted prompts, no data stored · 200+ open and closed modelsBITSMINDS.COM
Companies

Venice AI Joins the Unicorns With a $65M Raise

U.S. LIFTS THE EXPORT BANFable 5 and Mythos 5 cleared to returnAccess restored today — 18 days after a national-security shutdown.CLAUDEFABLE 5RESTOREDCLAUDEMYTHOS 5RESTOREDSUSPENDED JUN 12 · RESTORED JUL 1 · 18 DAYS DARKBITSMINDS.COMSource: CNBC
Companies

U.S. Lifts Export Ban on Claude Fable 5 and Mythos 5

ENTERPRISE AI · SERIES A$135M for the Software FactoryChamath Palihapitiya’s 8090 Labs raises a Salesforce-led round« »Raw promptSoftware FactoryProduction code{ }BITSMINDS.COM
Companies

8090 Labs Raises $135M, Chamath Steps In as CEO