Claude Fable 5 / Mythos launch & capabilities
Anthropic shipped Claude Fable 5, the publicly available "safe" variant of its Mythos-class frontier model, with day-zero availability across Claude Code, Cursor, OpenRouter, and fal (@claudeai, @openrouter). Anthropic framed it as their most capable model ever made generally available, built for "long-running, ambiguous work: legacy migrations, gnarly production bugs and async sessions that run for hours or days" (@openrouter). It sets a new state of the art on CursorBench at 72.9%, 8 points above the previous best (@jeremyphoward), and internal testers report a "major-version-bump" step change for long-horizon coding (@bcherny, @karpathy via @bcherny RT).
Vibes converged on the "big model smell" framing — slow, expensive, and capable of crunching nearly anything thrown at it (@simonw, last30days, simonwillison.net). Ethan Mollick said he fed it a 15-page design doc and it worked autonomously for 9+ hours with strong results (@emollick), and swyx noted FrontierCode Diamond shows Fable/Mythos solving tasks measured in dozens of human-hours and hundreds of dollars per task "for the first time ever measured" (@swyx). Lech Mazur's Short-Story Creative Writing Benchmark places Fable 5 (high) second behind GPT-5.5 (xhigh), ahead of Opus 4.8 (@tszzl).
Tooling caught up fast: Boris Cherny shipped nested subagent support (depth=5) in Claude Code and reset 5-hour/weekly rate limits (@bcherny), and Anthropic announced a June 13 SF Build Day with a $150K Claude-credit prize pool (@claudedevs). Hacker News surfaced reports that Fable hit the $200/month Claude Max tier within 30 minutes of release (last30days, news.ycombinator.com via twitter.com/bridgemindai).
Backlash to Anthropic safety guardrails & sandbagging
The system card revealed Anthropic is invisibly nerfing Fable 5 on frontier-LLM-development tasks via prompt modification, steering vectors, and PEFT — affecting an estimated 0.03% of traffic, with no user notification (@the_only_signal, @garymarcus). Cyber and bio requests auto-reroute to Opus 4.8, shown in the UI and billed at Opus prices (@claudedevs), but users report 50–60% of unrelated requests are being flagged and rerouted, calling the model "borderline unusable" (@the_only_signal). Gary Marcus reported guardrails were broken within an hour of release (@garymarcus).
Clem Delangue called the deliberate AI-R&D sandbagging "very very sad for the research community" and "crazy" that it's invisible to users (@clementdelangue). Jeremy Howard argued third-party evaluators can no longer credibly use Fable for hard AI R&D evals — they can't distinguish a true capability failure from a classifier block (@jeremyphoward, @sayashk RT) — and that allowing the top lab unrestricted self-use while sabotaging others actively widens the power imbalance (@jeremyphoward). Anthropic also has 30-day data retention with no opt-out, even for enterprise (@the_only_signal), and Alex Finn flagged that Fable subscription access ends June 22, becoming pay-per-token only (@alexfinn).
Cybersecurity vulnerabilities, exploits & AI-powered malware
A heavy disclosure day from The Hacker News: a Chrome V8 zero-day (CVE-2026-11645) under active exploitation, a critical Veeam Backup RCE (CVE-2026-44963, CVSS 9.4), six new protobuf.js code-execution flaws affecting Node.js, cloud SDKs, CI/CD and AI systems, a Microsoft Defender "RoguePlanet" zero-day on fully patched Windows 10/11, and a ServiceNow access flaw with confirmed instance-table queries against real customers (@thehackersnews). The browser-side FROST side-channel times SSDs from JavaScript to fingerprint which sites and apps a user has open — up to 95% accurate, no fix yet (@thehackersnews).
The AI-malware story leveled up: an autonomous worm using a local open-weight LLM (no API key) replicated to 62% of a 33-host test network in 7 days while parsing fresh CVE advisories to find new attack paths (@thehackersnews). PyPI was hit by "Hades," 37 poisoned wheels across 19 packages that run before import and steal GitHub, cloud, CI/CD, SSH, Docker, and dev secrets (@thehackersnews). Gary Marcus disclosed a Meta AI exploit that compromised 34,000 Instagram accounts including a Space Force official's used for anti-Iran-war messaging (@garymarcus, @MikeIsaac RT). Peter Steinberger landed an OpenClaw install policy letting operators gate plugin/skill installs with a trusted local executable (@steipete).
Gemini 3.5 Live Translate & Google audio AI
Google DeepMind launched Gemini 3.5 Live Translate, a low-latency speech-to-speech model spanning 70+ languages and 2,000+ pairs that preserves pitch, pacing, and tone, with auto-language-detection and robust noise filtering (@googledeepmind, @googleaistudio, @_philschmid). It ships in Google Translate (Android/iOS), the Gemini API public preview, AI Studio, and Google Meet (private preview) — Philipp Schmid called it "the beginning of the end of language barriers" (@_philschmid).
Open-source AI, Hugging Face partnerships & sovereignty
Arcee became the first major American AI lab to replace AWS S3 with Hugging Face for all models and datasets — public and private — in a multi-million-dollar deal (@ClementDelangue, @huggingface RT, @_akhaliq). Cohere open-sourced North Mini Code, a 30B/3B-active MoE coding model with 256K context, Apache 2.0, day-zero on vLLM (@clementdelangue, @vllm_project) — Nick Frosst pitched it as the inverse of Mythos: "small, open source, transparent and sovereign vs large, expensive, proprietary and hegemonic" (@nickfrosst via @clementdelangue). Jeremy Howard moved GPU MODE datasets to a new Researcher Reciprocity License — "if you train on it, you let us generate" — as pushback against frontier labs consuming OSS while restricting researchers (@jeremyphoward).
Infrastructure, RL frameworks & generative video/world models
vLLM introduced vime, a reference RL post-training framework built on slime's design, explicitly positioned to make vLLM the best rollout engine for the whole RL ecosystem (SkyRL, Prime-RL, NeMo-RL, verl) rather than a one-size-fits-all stack (@vllm_project, @simon_mo_). NVIDIA announced Confidential Computing on Google Cloud powering Apple's Private Cloud Compute extension to third-party data centers for Apple Intelligence/Gemini workloads on Blackwell (@nvidia), and a similar on-prem Deepgram voice-AI deployment with Fortanix (@nvidia). Microsoft Research's Mirage uses latent spatial memory for video world models, claiming 10.57× faster generation and 55× lower memory at SOTA WorldScore (@_akhaliq, @HuggingPapers RT).
Luma launched Ray 3.2 with multi-keyframe control, HDR/EXR, and motion transfer, plus the UNI-1 multimodal image model — both day-zero on fal (@fal, @LumaLabsAI). Bernini-R landed as a unified video generate-and-edit model with up-to-5 reference images (@fal). Gary Marcus flagged China's reported $295B, five-year national AI infrastructure plan targeting an 80%-domestic Unified National AI network by 2028, funded by govt debt and run on Huawei + domestic chipmakers (@garymarcus).
The Bottom Line
The day belonged to Claude Fable 5: a genuine capability jump on long-horizon coding paired with the most controversial safety regime Anthropic has ever shipped — invisible sandbagging of AI-R&D tasks, aggressive cyber/bio reroutes, no-opt-out retention, and a subscription cliff in two weeks. Around it, Google's Live Translate hit a real consumer milestone, open-source forces (Arcee/HF, Cohere) pushed back on closed-lab dominance, and a brutal cybersecurity news day — including an autonomous open-weight LLM worm — made the "dual-use" debate feel less abstract.