Anthropic launched Claude Fable 5 today, June 10, a public version of its previously restricted Mythos model. Now, the most powerful vulnerability-finding AI ever built just became available to anyone with a subscription. For DeFi, the implications are immediate.
Until today, Mythos was locked behind Project Glasswing, accessible only to around 150 handpicked organizations, including Google, Microsoft, and JPMorgan. That version had already found over 10,000 critical vulnerabilities across the world’s most important software.
What Fable 5 Can and Cannot Do
Anthropic says Fable 5 comes with hard safety limits. In high-risk areas, including cybersecurity, biology, chemistry, and model distillation, the model blocks responses and falls back to Claude Opus 4.8.
Anthropic stress-tested its classifiers with jailbreak attempts before releasing Fable 5, running an external bug bounty that produced no universal jailbreaks across more than 1,000 hours of testing.
Sensitive cybersecurity requests trigger the fallback in less than 5% of sessions, meaning the vast majority of interactions proceed through Fable 5’s full capabilities.
For DeFi specifically, smart contract exploitation does not fit neatly into Anthropic’s blocked categories. Finding a vulnerability in a Solidity contract looks more like a coding task than a traditional cybersecurity attack.
Fable 5’s exceptional performance in software engineering is consistent, and the longer and more complex the task, the larger its lead over other models currently available. For an unaudited DeFi protocol running on publicly visible on-chain code, that distinction may matter enormously.
The Zcash precedent is already circulating in security circles. A lighter version of the Anthropic architecture found a critical flaw in the Zcash protocol within 24 hours, a vulnerability that had survived four years of scrutiny from some of the world’s best cryptographers.
Why DeFi Is Uniquely Exposed
Fable 5 alone represents a step change in the cost and skill required to probe smart contracts for weaknesses. White hat hacker MevenRekt, described the situation plainly: the cost and skill required to find exploitable flaws in smart contracts is about to drop to effectively zero.
Unaudited protocols become sitting ducks. Known exploits can be replayed on forks around the clock. Even small projects become worth targeting simply because trying costs next to nothing.
Anthropic itself warned last week that AI systems are advancing so quickly that they may soon achieve recursive self-improvement, autonomously improving without human intervention.
The advice from security experts is consistent and urgent: revoke token approvals, move funds to hardware wallets, and cut exposure to protocols you do not fully trust. Not tomorrow. Today.
