By VFuture Media Tech Desk March 27, 2026
In a major embarrassment for one of the world’s leading AI companies, Anthropic suffered a significant data leak that has exposed the existence of its most advanced AI model yet — internally referred to as “Claude Mythos” (also tied to a new “Capybara” model tier). The leak, caused by a configuration error in the company’s content management system, made nearly 3,000 unpublished assets publicly accessible, including a detailed draft blog post announcing the model.
The draft documents, reviewed by Fortune and independently discovered by security researchers Roy Paz of LayerX Security and Alexandre Pauwels of the University of Cambridge, reveal that Anthropic has already completed training on Claude Mythos and has begun limited testing with early-access customers. The company itself describes the model as a “step change” in capabilities and “by far the most powerful AI model we’ve ever developed.”
A New Tier Above Opus
Anthropic’s current flagship models follow a three-tier structure: Opus (most powerful), Sonnet, and Haiku. The leaked draft introduces “Capybara” as an entirely new, higher-end tier — larger, more intelligent, and more expensive than Opus. According to the document, Claude Mythos (under the Capybara branding) delivers “dramatically higher scores” than Claude Opus 4.6 on key benchmarks, including software coding, academic reasoning, and — critically — cybersecurity-related tasks.
An Anthropic spokesperson confirmed to Fortune that the company is “developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity.” They added: “Given the strength of its capabilities, we’re being deliberate about how we release it. As is standard practice across the industry, we’re working with a small group of early access customers to test the model. We consider this model a step change and the most capable we’ve built to date.”
Unprecedented Cybersecurity Risks Highlighted by Anthropic Itself
What makes the leak particularly alarming is Anthropic’s own frank assessment of the risks. The draft blog post explicitly states that the company believes Claude Mythos “poses unprecedented cybersecurity risks.” It describes the model as “currently far ahead of any other AI model in cyber capabilities” and warns that it “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”
The company’s planned rollout strategy reflects these concerns. Rather than a wide public release, Anthropic intends to prioritize early access for cybersecurity defenders to help them “improve the robustness of their codebases against the impending wave of AI-driven exploits.” The model is also noted as expensive to run and not yet ready for general availability.
This comes amid a broader industry trend. In February 2026, OpenAI similarly flagged its GPT-5.3-Codex model as posing “high capability” cybersecurity risks under its Preparedness Framework. Anthropic itself has previously reported real-world incidents where state-sponsored actors (including groups linked to China) attempted to weaponize earlier Claude versions for large-scale cyberattacks.
How the Leak Happened
The breach stemmed from “human error” in Anthropic’s external content management system (CMS). Assets created in the CMS default to public accessibility unless manually set to private, leaving a large cache of draft blog posts, images, PDFs, and other materials exposed in a publicly searchable data store. After Fortune notified the company, Anthropic quickly restricted access to the cache.
The leaked materials also included unrelated internal documents, such as details of an upcoming invite-only CEO summit in the U.K. that Anthropic CEO Dario Amodei is scheduled to attend.
Market Reaction and Broader Implications
News of the leak and the model’s capabilities has already sent ripples through financial markets. Cybersecurity stocks plunged in early trading as investors feared the new AI could supercharge offensive hacking tools.
Industry analysts note that frontier models like Claude Mythos represent a double-edged sword: powerful tools for defenders to identify and patch vulnerabilities faster than ever before, but also potential weapons in the hands of malicious actors if not carefully controlled.
Anthropic has emphasized a cautious approach, stating it wants to “act with extra caution and understand the risks it poses — even beyond what we learn in our own testing.”
What’s Next?
Claude Mythos remains in limited early-access testing. No public release date has been announced, and Anthropic has not commented further on the leak beyond acknowledging the CMS misconfiguration.
As AI capabilities continue to advance at breakneck speed, incidents like this underscore the growing tension between innovation and security in the frontier AI race. VFuture Media will continue to monitor developments and provide updates as more information emerges from Anthropic or affected parties.
Leave a Comment