Anthropic is sitting on a new AI model called Mythos that's larger than its current flagship Opus and offers what the company believes is a significant leap in cyber capabilities, according to information that became public this week. The disclosure, combined with a full source code leak of Claude Code, reveals both the ambitions and vulnerabilities of one of AI's most closely watched companies .

What Is Mythos and Why Does Anthropic Want to Keep It Quiet?

The leaked information suggests Mythos represents a meaningful step forward in AI capabilities, particularly in cybersecurity-related tasks. According to commentary from AI researcher Zvi Mowshowitz, the strategic approach appears to be keeping the model internal until Anthropic feels ready to release it publicly. This reflects a broader tension in the AI industry: the pressure to demonstrate progress versus the desire to maintain competitive advantage and ensure safety measures are in place before deployment .

The decision to hold Mythos back contrasts with competitors like OpenAI, which has been more aggressive about publicizing unreleased model achievements. An internal OpenAI model has solved three additional Erdos problems, a mathematical achievement the company highlighted publicly. Anthropic, however, has historically avoided this "look what our unreleased model can do" approach, particularly in mathematics where the company acknowledges it has relative weaknesses .

How Did Claude Code's Source Code Become Public?

The leak of Claude Code's source revealed the minimalist architecture underlying one of Anthropic's most ambitious products. Rather than relying on complex inheritance-heavy abstractions, the system uses a simple core design with sophistication pushed into context management, tooling, and product instrumentation. The leaked code showed a four-layer context compression stack, streaming plus parallel tool execution, silent retries on output-length failures, and a modular architecture with over 40 tools .

What's particularly striking is that the leak exposed hidden features still in development, including task budget management, AFK mode, "Penguin" fast mode, and redirected reasoning. These unfinished product hooks suggest Anthropic has been experimenting with numerous optimization strategies to make Claude Code faster and more reliable .

How to Understand the Real Impact of AI Model Leaks

• Source Code Exposure: When the underlying code of an AI system becomes public, competitors and bad actors gain insight into architectural decisions, optimization techniques, and potential vulnerabilities that were previously proprietary knowledge.
• Ecosystem Acceleration: The leaked Claude Code fork hit 110,000 plus GitHub stars in a single day, demonstrating how quickly the open-source community can build on leaked information to create alternatives and competing implementations.
• Product Moat Persistence: While the leak exposed technical details, many developers noted that product polish, user experience, and reliability remain competitive advantages, even when orchestration patterns become publicly known.

Why Are Security Breaches Accelerating Across AI Companies?

The Mythos and Claude Code leaks are part of a broader pattern affecting the entire AI industry. Axios, a major news organization, was compromised this week, following earlier breaches of LiteLLM, a popular AI infrastructure tool. According to security analysis in the sources, this trend reflects a fundamental asymmetry: defense requires stopping every attack, while offense only needs to succeed once. As attack surface grows, offense is getting more opportunities to find vulnerabilities .

The leaks also exposed how Anthropic's damage control efforts can backfire. The company initially filed Digital Millennium Copyright Act (DMCA) takedown notices against repositories that did not even contain the leaked source code. After community pushback and clarification from Anthropic, the company acknowledged the mistake and restored the affected repositories, demonstrating how even well-intentioned security responses can create friction in the open-source ecosystem .

What Does This Mean for Anthropic's Competitive Position?

The leaks accelerated ecosystem competition in unexpected ways. Developers began comparing Claude Code alternatives, with some finding that Nous Hermes Agent offered easier deployment and better local workflows. A "Universal CLAUDE.md" prompt template emerged claiming to reduce output tokens by 63 percent, while Google proposed an Agent Skills specification designed to cut baseline context requirements by 90 percent .

Meanwhile, other companies continued releasing competitive models. Arcee released Trinity-Large-Thinking, a 400-billion parameter model with 13 billion active parameters, positioned explicitly for developers and enterprises wanting to inspect, host, and customize their own systems. Z.ai introduced GLM-5V-Turbo, a vision-coding model that natively handles images, videos, and document layouts while maintaining pure-text coding performance .

The broader context matters significantly. Anthropic has been engaged in a legal battle with the U.S. Department of Defense over the company's refusal to work on military applications. In late March, Judge Lin issued a scathing opinion and full preliminary injunction against the government, and as of early April, the government had not yet filed an appeal. This legal victory provided Anthropic some breathing room, though the company still faces pressure to demonstrate progress and maintain its market position .

What emerges from these leaks is a portrait of an AI company managing multiple pressures simultaneously: the need to innovate and stay competitive, the challenge of maintaining security in an increasingly hostile threat environment, and the tension between keeping capabilities internal for safety reasons and the market pressure to demonstrate progress. Mythos may represent a genuine breakthrough in AI capabilities, but the leaks suggest that keeping such breakthroughs secret is becoming increasingly difficult in an era where security vulnerabilities are multiplying faster than defenses can address them .