Anthropic Data Leak Reveals Claude Mythos, Its Most Powerful AI Model Yet

The irony is almost too precise. Anthropic, whose internal documents warn that its newest model could enable a wave of automated cyberattacks, left those same documents sitting in a publicly accessible content management system.

On March 28, security researchers Roy Paz of LayerX Security and Alexandre Pauwels of Cambridge discovered roughly 3,000 unpublished files, including draft blog posts, technical PDFs, images and an invite-only event announcement, exposed through a misconfigured external CMS. The cache contained Anthropic's most closely held secret: an unannounced model called Claude Mythos, referenced internally by the codename Capybara.

Anthropic confirmed the incident and attributed it to human error in configuring the CMS. After Paz and Pauwels escalated their findings to Fortune and other outlets, Anthropic moved quickly to restrict public access.

An Anthropic spokesperson described Mythos as "a general-purpose model with meaningful advances in reasoning, coding, and cybersecurity," and said the company was being "deliberate about how we release it... we consider this model a step change and the most capable we've built to date." Draft documentation in the exposed files backed that assessment, claiming Mythos outperforms Opus 4.6 across software coding, academic reasoning and cybersecurity benchmarks.

The cybersecurity disclosures were the most alarming element. Leaked drafts warned that Mythos is "currently far ahead of any other AI model in cyber capabilities" and cautioned that broad availability of such a system could "presage an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders." That language, drawn from Anthropic's own preparation materials, transformed the incident from an operational-security failure into a market and policy event.

Investors responded within hours. Public cybersecurity stocks saw sharp selling as traders and analysts worked to price the risk that a high-capability, automated vulnerability-discovery tool, even one tightly controlled, could accelerate attacks or force rapid defensive retooling across the sector.

Anthropic said Mythos is currently in early testing with a small set of early-access customers and has no public release date. The company is pursuing a staged rollout approach, citing the model's potential for misuse.

The episode exposed a persistent structural risk across AI development: capability claims and internal designs routinely live in developer documentation, CMS platforms and cloud storage services that, if misconfigured, create outsized exposures. For Anthropic specifically, a lab that has publicly positioned safety as a founding principle, the combination of an elementary tooling error and the gravity of what leaked will intensify scrutiny of its internal controls and its approach to documenting dual-use capabilities.

Paz and Pauwels chose to report the exposed cache through proper channels rather than exploit it. That the disclosure chain worked correctly offers a narrow form of reassurance; the fact that 3,000 files describing a frontier AI model's cyber-offensive potential were publicly reachable in the first place offers none.