Anthropic is developing Claude Mythos, its most powerful AI model yet, which the company describes as a "step change" in artificial intelligence capabilities. The model's existence became public after a data leak exposed draft materials stored in an unsecured content management system. According to the leaked documents, Mythos (also referred to as Capybara in internal materials) significantly outperforms Anthropic's previous flagship model, Claude Opus 4.6, particularly in software coding, academic reasoning, and cybersecurity tasks .

The leak occurred due to human error in configuring Anthropic's content management system (CMS), a software tool used to publish blog posts and other content. Digital assets created in the system are set to public by default and assigned publicly accessible web addresses unless users explicitly change privacy settings. This configuration error left close to 3,000 unpublished assets accessible to anyone with the right search tools, including draft blog posts, images, and internal documents .

What Makes Claude Mythos Different From Previous Models?

Anthropic currently organizes its AI models into three tiers based on capability and speed. The Opus models represent the largest and most capable versions; Sonnet models offer a middle ground with faster speeds and lower costs; and Haiku models are the smallest, cheapest, and fastest. Claude Mythos introduces an entirely new tier above Opus, making it larger, more intelligent, and more expensive to operate than anything Anthropic has released before .

The leaked draft blog post stated that Mythos achieves "dramatically higher scores" compared to Claude Opus 4.6 on tests measuring software coding ability, academic reasoning, and cybersecurity capabilities. The company has completed training the model and begun testing it with a small group of early access customers. Anthropic confirmed this development in a statement, saying it is "developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity" and considers it "a step change and the most capable we've built to date" .

Anthropic

Why Is Anthropic So Concerned About Cybersecurity Risks?

The leaked documents reveal that Anthropic views Claude Mythos as posing significant and unprecedented cybersecurity dangers. The company stated that the model is "currently far ahead of any other AI model in cyber capabilities" and "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders." In practical terms, this means Anthropic is worried that hackers could use the model to identify and exploit security weaknesses in computer systems at scale, potentially enabling large-scale cyberattacks .

This concern is not theoretical. Anthropic has already documented real-world incidents where hacking groups, including those linked to the Chinese government, have attempted to exploit Claude in cyberattacks. In one documented case, a Chinese state-sponsored group ran a coordinated campaign using Claude Code to infiltrate roughly 30 organizations, including technology companies, financial institutions, and government agencies, before Anthropic detected and stopped the operation .

The latest generation of frontier AI models from both Anthropic and OpenAI have crossed a threshold that triggers new safety protocols. In February, OpenAI released GPT-5.3-Codex, which it classified as "high capability" for cybersecurity tasks under its Preparedness Framework. Anthropic navigated similar risks with Claude Opus 4.6, released the same week, which demonstrated the ability to surface previously unknown vulnerabilities in production codebases. Both companies acknowledge these capabilities are dual-use, meaning they can help cybersecurity defenders find and fix vulnerabilities or help attackers exploit them .

How Is Anthropic Planning to Release Claude Mythos Safely?

• Early Access Strategy: Rather than releasing Mythos to the general public immediately, Anthropic is working with a small group of early access customers to test the model and understand its real-world behavior before broader deployment.
• Focus on Cyber Defenders: The company plans to prioritize giving cybersecurity organizations early access to the model, allowing them to use its capabilities to strengthen their own defenses and prepare for the wave of AI-driven exploits that may follow.
• Deliberate Rollout Timeline: Anthropic acknowledged that "given the strength of its capabilities, we're being deliberate about how we release it," indicating the company will take time to understand risks before making the model more widely available.

The draft blog post emphasized that Anthropic wants to "act with extra caution and understand the risks it poses, even beyond what we learn in our own testing." The company specifically stated it wants to understand the model's "potential near-term risks in the realm of cybersecurity and share the results to help cyber defenders prepare" .

Anthropic's cautious approach reflects broader industry concerns about the dual-use nature of advanced AI capabilities. As AI models become more powerful at tasks like identifying software vulnerabilities, the gap between defensive and offensive applications narrows. The company's strategy of giving defenders a head start represents an attempt to balance innovation with responsible deployment.

What Does This Data Leak Reveal About Anthropic's Business Strategy?

Beyond the technical details of Claude Mythos, the leaked documents exposed other aspects of Anthropic's corporate strategy. The unsecured data cache contained descriptions of a planned, invite-only CEO summit in Europe designed to help the company sell its AI models to large corporate customers. This reveals that Anthropic is actively pursuing enterprise sales and building relationships with major organizations, positioning itself as a serious competitor to OpenAI in the commercial AI market .

The leak also underscores a broader challenge facing AI companies: managing sensitive information in an era of rapid development and public scrutiny. Anthropic acknowledged the incident was caused by "human error" in its content management system configuration. After Fortune informed the company of the leak on Thursday, Anthropic removed public access to the data store, preventing further retrieval of the unpublished materials .

For organizations using or considering Anthropic's AI models, the incident highlights the importance of understanding how AI companies handle security and data management. The fact that draft materials remained publicly accessible for an unknown period raises questions about what other information might have been exposed and how thoroughly companies audit their infrastructure for similar vulnerabilities.

Claude Mythos represents a significant milestone in AI development, but its cautious rollout reflects the industry's growing awareness that raw capability must be paired with thoughtful deployment strategies. As AI models become more powerful, the decisions made by companies like Anthropic about how, when, and to whom they release these tools will have real consequences for cybersecurity, business operations, and public safety.