When the intelligence agencies of five nations issue a joint public statement, something has gone very wrong — or is about to. The Five Eyes alliance, comprising the US, UK, Canada, Australia, and New Zealand, rarely breaks cover like this. The last time was June 2026, warning about Chinese intelligence using LinkedIn to recruit government insiders. This time the target is bigger: frontier AI models that could, according to the agencies, “fundamentally transform both offensive and defensive cyber capabilities.” Their timeline? “Not years. Months.” Anthropic’s own published system card for its Claude Fable 5 and Mythos 5 models backs the concern, acknowledging these systems “pose a substantial risk of uplift to malicious actors.”
What “Agentic Hacking” Actually Means
These models don’t just answer questions — they plan and execute multi-step cyberattacks with minimal human oversight.
Agentic AI doesn’t stop at drafting emails. It plans and carries out complex tasks autonomously. Anthropic’s published system card describes Mythos-class models as excelling at “discovering and exploiting software vulnerabilities” — moving through reconnaissance, lateral movement, and exploitation in sequence, a capability the documentation calls “agentic hacking.” Independent benchmarks put Fable 5 at 91 out of 100 on senior-engineer-level tasks, operating with a one-million-token context window and extensive tool use. Anthropic built cybersecurity classifiers intended to block offensive uses, but the underlying capability exists.
Here’s what you need to know:
- Five Eyes agencies called for a “whole-of-organisation and whole-of-society” response, reframing cyber risk as a boardroom leadership issue
- Claude Mythos 5 is restricted to approved customers through a program called Project Glasswing — it is not publicly available
- Reports suggest the Trump administration blocked foreign nationals from accessing Fable, though those details remain unconfirmed via public documentation and may involve contractual or cloud-access rules rather than a formal public order
- Anthropic’s cybersecurity classifiers are designed to prevent offensive use, but the capability those classifiers sit on top of is real and potent
Treating AI Like a Strategic Export
Governments are approaching frontier model access with the same strategic caution they apply to advanced semiconductor exports.
The fear here isn’t a Terminator scenario where AI independently dismantles governments. The genuine concern is combined AI-enabled operations — infrastructure hacks, automated intrusion at scale, coordinated information warfare — converging at a threshold that seriously disrupts financial systems, government health, financial and legal services, or political stability. Olivia Shen, a national security and AI expert at the University of Sydney’s United States Studies Centre, warned that policymakers must assume “the next Mythos or the next Fable is just around the corner,” including from state-backed labs building models with fewer safety constraints, as reported by The Guardian.
That arms-race dynamic shapes the policy response now forming. A two-tier access model is rapidly becoming the de facto standard — Mythos 5 behind Project Glasswing is the working proof of concept. Mandatory risk disclosures, cybersecurity classifiers, and user vetting point toward a compliance regime being assembled in real time, treating frontier AI the way governments already treat high-end chip exports: as a strategic asset with serious proliferation risk. Your organisation’s approach to AI security is no longer an IT question. The most consequential models in this story may not even be the ones the public can see yet.
