Key Highlights –
- A configuration error in Anthropic’s content management system left nearly 3000 internal assets in a publicly searchable data store, including a draft blog post describing a new model called Claude Mythos, which is the part of a new tier codenamed Capybara, sitting above the existing Opus tier
- Anthropic confirmed the model to Fortune on March 26, calling it “a step change” and “the most capable we’ve built to date,” with advances in reasoning, coding, and cybersecurity.
- The draft itself warns that Mythos poses unprecedented cybersecurity risks, describing it as “far ahead of any other AI model in cyber capabilities” and capable of enabling attacks that outpace defenders, the same day cybersecurity stocks dropped on the news
Anthropic did not plan to announce Claude Mythos this week. The discovery came from security researchers Roy Paz of LayerX Security and Alexandre Pauwels of the University of Cambridge, who found the exposed data store and brought it to Fortune, which reviewed the materials and contacted Anthropic on Thursday.
The company restricted public access shortly after, attributing the incident to “human error” in the CMS configuration. A default setting had made uploaded files publicly accessible unless explicitly changed. The irony needs one sentence. A company building what it describes as the most cybersecurity-capable AI model ever developed had that model revealed through a basic CMS configuration error.
Claude Mythos Blog Post
Saved before it was taken down.https://t.co/6XIw1LKnkA
— M1 (@M1Astra) March 27, 2026
What the Leak Actually Says
Two draft versions of the same blog post surfaced online – one using the name Mythos throughout, one substituting Capybara. Both share a subtitle: “We have finished training a new AI model: Claude Mythos.” Anthropic told Fortune the two versions reflect the company still deciding between name candidates for the same underlying model.
Capybara is described as a new product tier, positioned above Anthropic’s current Opus line, which was until now its most capable offering. The draft states that Capybara “gets dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity” compared to Claude Opus 4.6. Anthropic’s own spokesperson confirmed the substance of that to Fortune and stated, “We’re developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity.”
The model is also described as “very expensive for us to serve, and will be very expensive for our customers to use.” Anthropic says it is working on efficiency improvements before any general release. No timeline has been given. The parallel to OpenAI’s GPT-4.5, which was launched at a price point that limited adoption before being discontinued, is worth watching. Whether Mythos faces the same ceiling depends on how quickly Anthropic resolves the cost problem before a general release.
The Cybersecurity Warning Is the More Consequential Detail
The capabilities claim is interesting. The safety concern around it is more significant.
The leaked draft describes Mythos as posing “unprecedented cybersecurity risks,” stating the model is “far ahead of any other AI model in cyber capabilities” and could “presage an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.” Anthropic’s response to this is a restricted rollout: early access is limited to organisations focused on cybersecurity defence, giving them a head start before any broader availability.
This is not a hypothetical concern for Anthropic. In November 2025, the company disclosed that a Chinese state-sponsored group had exploited Claude Code to infiltrate roughly 30 organisations. The company disrupted the campaign, but the precedent is established. Mythos, described as dramatically more capable in the cyber domain than anything Anthropic has previously released, raises that risk profile further. Cybersecurity stocks fell following Thursday’s news, which is a market signal that the concern landed with people who price risk for a living.
You may also like to read – Google Lyria 3 Pro Generates 3-Minute Tracks With a Licensing Claim
What Remains Unconfirmed
Anthropic has confirmed the model exists, is in testing, and represents a step change. What it has not confirmed is the final product name, the specific tier structure, a release date, or the exact benchmark figures cited in the leaked draft. The draft is described by Anthropic as an early version of content being considered for publication, which means the specific framing, including the cybersecurity risk language, may yet be revised before any formal announcement.
Wrapping Up
Claude Mythos is real, confirmed, and in limited testing. The cybersecurity concern embedded in Anthropic’s own draft is the detail that matters most for the industry. This is not because it is unusual for a frontier model to raise dual-use questions, but because Anthropic’s own documents frame the risk in unusually direct terms. The company that has built its identity around safety-first AI development is now navigating the release of a model it internally describes as capable of outpacing the defenders it claims to prioritise. How it resolves that tension in practice and not just in rollout strategy, is the question the next announcement will need to answer.
