Has Anthropic really already trained Mythos 6?

AI analyst Andrew Curran reported on X on June 21, 2026 that a stronger Mythos successor has completed training. Anthropic has not officially confirmed it, and the model could ship as Mythos 5.1, Mythos 6, or stay internal. Curran has a strong track record on Anthropic developments.

Why are Fable 5 and Mythos 5 still banned?

On June 12, 2026 the US Commerce Department issued an export control directive suspending access for any foreign national, inside or outside the US. Because nationality can't be verified per API call at scale, Anthropic turned both models off globally. The directive remains legally in force.

Can the government ban Anthropic from training the next model?

No. The directive bans serving Fable 5 and Mythos 5, not developing successors. Anthropic has no legal obligation to pause capability research while a deployment sits under embargo — and the compute freed by the suspension can be redirected to training.

When might Fable 5 access be restored?

Anthropic's privacy policy was updated around June 16 with a July 8 effective date adding biometric verification, suggesting groundwork for US-citizens-first restoration. Prediction markets price roughly 57% odds of restoration before July 1.

Anthropic Already Trained Mythos 6 While Its Most Powerful Models Sit Banned by the US Government

Fable 5 and Mythos 5 remain suspended under a US export control order. The successor is apparently already done.

The ban arrived at 5:21pm on a Friday. By Saturday morning, Anthropic's two most powerful models were dark — for every user, everywhere on earth. Ten days later, they're still down.

Yesterday, AI analyst Andrew Curran dropped this into the conversation: Anthropic has already trained a stronger successor. While Fable 5 and Mythos 5 sit suspended under a US government export control directive, the next Mythos is sitting in Anthropic's servers — finished, potentially more capable than anything the public has ever accessed.

"Stopping models like Fable 5 or Mythos 5 from being served to the public does nothing to slow down development," Curran wrote on X on June 21. "In fact, it probably speeds it up slightly by freeing up resources."

That's the part of this story nobody in mainstream coverage is talking about.

What Anthropic's Mythos Actually Is (And Why It's Different)

To understand why any of this matters, you need context on what Mythos-class capability actually means.

On April 7, 2026, Anthropic launched Claude Mythos Preview — but not to the general public. Access was limited to select organizations under Project Glasswing, a controlled program involving infrastructure providers including AWS, Microsoft, CrowdStrike, Google, and over 40 companies in critical infrastructure sectors.

The reason for the secrecy became obvious once Anthropic published its technical assessment. In testing, Mythos Preview fully autonomously identified and exploited a 17-year-old remote code execution vulnerability in FreeBSD, catalogued as CVE-2026-4747 — allowing an unauthenticated attacker to gain root access over a network. No human in the loop after the initial request. Just: find the bug, write the exploit, done.

That level of autonomous vulnerability discovery had never been demonstrated by any publicly available model. The work that previously required elite security researchers could apparently be done via an API call — exactly the kind of leap reshaping the Claw Era of agentic AI systems.

Anthropic positioned it as a defensive asset — a way for critical infrastructure operators to find and patch vulnerabilities before attackers got there first. Project Glasswing gave vetted partners that access for exactly this purpose. But the dual-use reality was impossible to ignore: a model this capable at finding and exploiting vulnerabilities is, by definition, also a powerful offensive weapon. That tension never went away. It just went underground for two months.

June 9, 2026: The Fable 5 / Mythos 5 Launch

Two months of controlled Glasswing access ended on June 9, when Anthropic launched two models simultaneously — and the naming choice was intentional.

Claude Fable 5 is a Mythos-class model built for general use. Same underlying capability, but with safety classifiers that detect and reroute high-risk queries in cybersecurity, biology, chemistry, and model distillation. When Fable 5 decides a query crosses into dangerous territory, it falls back to Claude Opus 4.8. Anthropic's own data showed this triggers in fewer than 5% of sessions.

Claude Mythos 5 is the same model without those classifiers — still restricted to Project Glasswing partners and vetted biology researchers, now updated to the latest capabilities.

The commercial logic was sound. Fable 5 brought frontier-tier AI to the mass market for the first time, priced at $10/$50 per million tokens — less than half the Mythos Preview pricing. For how that stacks up against rivals, see our breakdown of the best AI agent coding token plans for 2026. Anthropic had done thousands of hours of red-teaming with the US government, UK AISI, and multiple private organizations before launch. The company was explicit about the trade-off: perfect jailbreak resistance isn't achievable, so they built defense-in-depth — strong classifiers, 30-day traffic retention, and monitoring to catch novel attacks.

And then, three days later, the Commerce Department called.

The Fable 5 Ban: What Happened on June 12

At 5:21pm Eastern on June 12, 2026, the US Commerce Department — invoking national security export control authority — issued Anthropic a directive: suspend all access to Fable 5 and Mythos 5 for any foreign national, whether inside or outside the United States. Including Anthropic's own foreign-born employees.

The practical problem was immediate. You cannot verify every API user's nationality in real time at scale. The only way to comply was to turn off both models for everyone, everywhere.

Anthropic did exactly that, while making its disagreement public.

The jailbreak at the center of the directive? In Anthropic's account, it essentially consisted of asking the model to read a specific codebase and identify software flaws — a technique that surfaced previously known, minor vulnerabilities that other public models, including OpenAI's GPT-5.5, can produce without any bypass. (For context on how GPT-5.5 actually behaves under pressure, see our GPT-5.5 hallucination benchmark vs GLM-5.2.) The company reviewed the government's evidence and concluded it provided no meaningful Mythos-specific capability that wasn't already available elsewhere.

"If this standard was applied across the industry," Anthropic wrote, "we believe it would essentially halt all new model deployments for all frontier model providers."

That argument has largely held under external scrutiny. Security researcher Katie Moussouris reviewed the original research paper (reportedly authored by Amazon security researchers) and described the bypass as something that "cannot meaningfully be fixed" without degrading the model's legitimate code-review function. Seventy-six cybersecurity experts — CEOs, CISOs, prominent researchers — signed an open letter to Commerce Secretary Howard Lutnick calling the directive counterproductive, and pointing out that pulling the best defensive tools from security teams while China's most advanced models remain freely available serves nobody's interests.

The political backdrop adds a layer of complexity. The Trump administration has had a fractious relationship with Anthropic since the company refused Pentagon contract terms requiring its models to be available for "any lawful purpose" — Anthropic sought exemptions from autonomous weapons and mass surveillance use cases. The Pentagon declared Anthropic a "supply chain risk" in March. Multiple reports identify Amazon — which has committed $25 billion to Anthropic — as the source that flagged the jailbreak to Commerce Department officials. Whether that was genuine caution or something more competitive is, to put it charitably, an open question.

Ten days in, both models remain offline. Trump told reporters at the G7 summit in Évian-les-Bains that he no longer views Anthropic as a national security threat after meeting Dario Amodei — but the Commerce Department directive is still legally in force. Prediction markets price roughly 57% odds of restoration before July 1.

Meanwhile: Andrej Karpathy, one of AI's most respected researchers and an Anthropic employee, was blocked from accessing his own company's models because he isn't a US citizen. That image captures the situation better than any analysis can.

Andrew Curran's Report: Training Never Stopped

Here's what got buried in the ban coverage.

On June 21 — nine days into the suspension — AI analyst Andrew Curran posted on X that a stronger Mythos successor had already completed training. It could ship as Mythos 5.1, Mythos 6, or stay entirely internal. Anthropic hasn't confirmed. But Curran, who has a strong track record on Anthropic developments, says it's done.

His explanation for the speed: compute that would have been used to serve Fable 5 and Mythos 5 was suddenly freed. You can't serve suspended models. You absolutely can use that same infrastructure to train the next one.

"The current continues to rage beneath the ice, and we continue to race toward our destination," Curran wrote.

There are no rules preventing this. Anthropic has no legal obligation to pause capability development while a deployment sits under embargo. Labs can train quietly, keep progress internal, and release on their own schedule — or not release at all. Zhipu AI released GLM-5.2 during the same week this drama was unfolding, and a wave of capable open-weight models like MiniMax M3 kept shipping regardless. The competition doesn't pause for US export control proceedings.

This is the part of the story that cuts through all the policy debate: the government banned serving a model. It didn't — and can't — ban training the next one.

Launch Your AI Project on SaaSCity

In a landscape where API access to frontier models can be pulled overnight by government mandate, distribution and early user acquisition matter more than ever. Whether you're building on Claude, GPT-5.5, or self-hosted open weights, getting your startup in front of the right audience is what keeps you alive when one endpoint goes dark.

List your tool on SaaSCity — the gamified startup directory where you claim a building on an interactive 3D city map. It's an easy way to build high-quality free backlinks that raise your Domain Rating, boost SEO, and get discovered by thousands of founders and early adopters. Submit your SaaS for free today.

Gatekept, Neutered, or Something More Complicated?

The honest answer is that both skeptics and optimists have a piece of the truth here.

The skeptics are right that governments have now demonstrated they can and will intervene when frontier model capabilities cross certain thresholds. Fable 5 was the "safe" version — Anthropic built extensive safeguards, spent months red-teaming, deployed a fallback architecture, required 30-day data retention. It still got globally suspended on the basis of a narrow jailbreak that apparently affects comparable models already on the market. If that's the standard, future Mythos-class models face a real deployment problem in any jurisdiction with an active export control regime.

The practical restoration path suggests a tiered future. Anthropic's privacy policy, updated quietly around June 16 with an effective date of July 8, adds biometric verification — passports, government IDs, facial geometry. That's groundwork for a US-citizens-first restoration that wouldn't require fully lifting the directive. If that's the model going forward, "the most capable AI available" starts meaning something different depending on which passport you hold.

The China competitive angle matters here. Every week Fable 5 and Mythos 5 stay offline is a week open-source alternatives and non-US labs gain ground with enterprise customers who need their pipelines running. The experts' letter to Lutnick made this explicit: pulling the best defensive tools from security teams without strong technical justification doesn't close any gap with adversaries. It opens one. This is exactly why resilient teams keep fallback endpoints ready — see our guides to self-hosting alternatives and open-source AI SaaS boilerplates for how to avoid single-vendor lock-in.

But the optimists have something too. The ban slows deployment, not development. Andrew Curran's successor report makes that concrete. Whatever Anthropic trained last week is more capable than what got banned. The lab isn't stopping. OpenAI isn't stopping. The compute keeps running regardless of whether the API endpoint is live.

Ironically, Dario Amodei published an essay on June 10 — one day after Fable 5 launched, two days before the ban — calling for exactly the kind of pre-release government framework that might have prevented this: a statutory process with clear standards, independent technical evaluation, and advance coordination with labs. The government then used exactly that authority in the exact way Anthropic had warned against.

The real governance failure here isn't that intervention happened. It's that the intervention was reactive, unilateral, non-transparent, and arguably triggered by competitive dynamics rather than genuine safety evidence. Getting this right — distinguishing narrow from universal jailbreaks, defensive from offensive use cases, what genuinely warrants restriction from what amounts to regulatory theater — is the hard work that hasn't been done yet.

What Comes Next

Short term: Watch for whether Anthropic and Commerce reach a settlement that restores US-citizen access through biometric verification. The July 8 policy effective date gives a rough timeline. Prediction markets currently suggest this is more likely than not by mid-July.

Medium term: Every frontier lab releasing at the Mythos capability tier should now plan for the possibility that a government directive could suspend deployment within hours, on the basis of evidence that isn't disclosed until after the fact. That changes how you think about phased rollouts, data retention, and government pre-briefing.

Longer term: The successor model Curran describes is already done. The capability keeps advancing. The fundamental tension — between genuine dual-use risks that deserve serious treatment and blunt deployment bans that can't actually slow training — isn't going away. The question is whether policy matures fast enough to make meaningful distinctions, or whether blanket restrictions become the default response every time something genuinely powerful is released.

Anthropic trained the next Mythos while the current generation sat banned. Development didn't pause. The ice is holding, but the current underneath keeps moving.

Where Do You Think This Goes?

The most powerful AI systems might be heading toward permanent tiering — government programs and vetted partner networks at the frontier, publicly available "safeguarded" versions for everyone else, with the gap between them growing wider each training run.

Or competitive pressure and commercial incentives force broader access, however restricted, because no lab can afford to let its enterprise customers migrate to whoever is shipping.

Curran framed it plainly: "None of them can afford to pause or slow down."

He's right. The question is who benefits from the next model when it arrives — and whether the policy framework around it is built on technical reality or reactive politics.

Will frontier AI stay gatekept, or does the market force it open? Either way, the labs that win distribution win the decade. If you're shipping an AI product, don't wait for the policy dust to settle — claim your building on SaaSCity and start compounding backlinks and traffic now.

Published June 22, 2026. Sources: Anthropic official statements (anthropic.com/news/fable-mythos-access), Andrew Curran on X, TechCrunch, Fortune, Bloomberg, Cybersecurity Dive, Al Jazeera. If you're building an AI product and want it in front of real users, SaaSCity is a free directory where every listing gets a 3D building on a live city map — a permanent indexed page with a high-DR backlink. Submit your SaaS and secure your launch today.