Mythos, Fable, and the New Security Arms Race

Cyber Thoughts Newsletter

JUNE 2026

Fable, a Mythos-level model is Live

About an hour ago, as of this writing, Anthropic released the Mythos model to the public as Fable. 

Claude Fable 5 is a Mythos-level model built for your most ambitious, long-running projects. Try problems you weren’t able to solve with other models. Claude Fable 5 is thorough, proactive, and tests its own work.

Fable is Mythos for us plebes. It has been neutered of its cybersecurity chops by having any request deemed dangerous being sent off to Opus. When researching this our intern had a request about the difference between Fable and Mythos kicked out to Opus. He is new here so he hasn’t learned how to jailbreak an AI, that’s his project for next week. 

Below are our thoughts on Mythos, which has abilities Fable does not. For more on that, see the first link in our What We’re Reading section below. 

Mythos Update

We continue to get asked questions regarding Anthropic’s advanced model, Mythos, and its effects on cybersecurity, so here is an update.

The model appears to have lived up to the hype with its ability to find security flaws in software. What may be more interesting is the cost. At 5X the cost of Opus, it is blowing out the budgets of some security teams that have access to it.

The issue is that there isn’t much of a choice. Either you spend the money now, or you get breached in the near future when a model this powerful becomes available to a wider audience.

Who Benefits?

Obviously, Anthropic. They get to charge a hefty premium, and it helps them with the government, which recently tried to blackball them, only to do an about-face.

Another obvious winner is companies that sell patching solutions. Given that a software patch is essentially a map of the flaw being fixed, and that an LLM can reverse-engineer an exploit from that patch, the need to patch systems in near real time becomes critical.

Finally, secure coding tools will remain valuable. It is far more cost-effective to use smaller models tuned specifically for code review than to rely on an expensive frontier model later in the deployment process.

National Security

Our new DNI, Director of National Intelligence, Bill Pulte, is also the head of the Federal Housing Finance Agency.

Putting politics and qualifications aside, the head of the DNI should not have the job as a side hustle. It is a full-time role with people’s lives literally on the line. Having it serve as a second job suggests a lack of seriousness about the position.

The role of the Director of National Intelligence (DNI) was created in the aftermath of 9/11 to improve information sharing among the 18 agencies that make up the U.S. Intelligence Community. The 9/11 Commission concluded that the government possessed much of the information needed to detect and potentially disrupt the plot, but that information was scattered across different agencies and never assembled into a coherent picture.

The DNI exists to prevent exactly that kind of failure. The job is to ensure that relevant intelligence flows across agencies, that threats are understood holistically, and that decision-makers have a complete view of the risks facing the country.

Every previous DNI has come from the national security world, with deep experience in intelligence, defense, diplomacy, or law enforcement. They understood how the agencies operate and, perhaps most importantly, didn’t treat the position like a college minor.

Running the U.S. intelligence community feels like the sort of thing you’d want someone focused on full-time, but maybe we’re just old-fashioned.

Acting Director Pulte should choose one role and give up the other.

Lastly, if you appreciate our highlights and heresies, follow us on Twitter and LinkedIn, we post regularly about real things worthy of your attention.

What We're Reading

Here's a curated list of things we found interesting.

Claude Fable: Next generation of intelligence for the hardest knowledge work and coding problems.

As one might expect, Fable has safeguards that Mythos did not.

Claude Fable 5 includes robust safeguards for cybersecurity and biology. Queries in these domains are automatically routed to Opus 4.8 if flagged by these safeguards. You won't be charged Fable prices for rerouted requests. Learn more about how the fallback experience works.

Citizens Q1 2026 Cybersecurity Market Update

Some great data and really pretty graphs from the team at Citizens Bank. While the overall security market has a 12.5% CAGR the AI security market is growing at a 24% CAGR. Would have been nice if it was exactly 2X. ¯\_(ツ)_/¯

Cyber entered 2026 with strong momentum despite broader software market volatility. ~$5B raised in Q1 (up ~60% YoY), and cyber comps trade at a premium to broader software (3.8x vs 3.1x EV/2026E revenue), reflecting the non-discretionary nature of security spend.

When AI Builds Itself: Our Progress Towards Recursive Self-Improvement, and Its Implications

Anthropic urges pause in AI development, flags Recursive Self-Improvement risks. Kinda a mixed message from Anthropic: We think everyone should slow down… but we raised $65 billion.

We believe it would be good for the world to have the option to slow or temporarily pause frontier AI development to enable societal structures and alignment research to keep up with the advance of the technology.

Transactions

Deals that caught our eye.

Akamai acquires Israeli AI browser security startup LayerX for $205 million in cash

Akamai Technologies is acquiring Israeli cybersecurity startup LayerX Security, which develops solutions for browser-based AI usage control and secure enterprise browser (SEB) technology, for approximately $205 million in cash.

Podcasts

What we’re listening to.

Risky Business Soap Box – Ed Woo: The Vulnerability Apocalypse and the Autonomous SOC 

In this episode, Patrick Gray sits down with Drop Zone founder Ed Woo to discuss how AI is forcing a fundamental shift in enterprise defense. 

They talk about:

• The looming "vulnerability apocalypse" driven by AI models will make the initial network breach essentially inevitable.

• To survive, enterprise cybersecurity must shift toward autonomous detection that operates at "machine scale and machine speed".

• Internal teams are dangerously "vibe coding" their own AI agents; the ongoing maintenance burden of these DIY scripts proves why consolidated, enterprise-grade platforms are the only viable solution.

• By automating "tier one" alert triage, human SOC analysts will be up-leveled to act as strategic "field generals" rather than manual coders.

About Lytical

Lytical Ventures is a New York City-based venture firm investing at the intersection of Cybersecurity and AI. We aim to be the most connected, most helpful team for founders, investors, and anyone else who cares about cybersecurity and its adjacencies.