Claude Mythos Leaked: Anthropic's 'Step Change' Model Is Real, Confirmed, and a Cybersecurity Warning
Sources: Fortune · The Decoder · Techzine | Leak date: March 26–27, 2026
Anthropic wasn't planning to tell you about Claude Mythos. A misconfigured content management system did it for them.
How the leak happened
A CMS configuration error at Anthropic made nearly 3,000 unpublished assets from its blog publicly accessible. Security researchers Roy Paz (LayerX Security) and Alexandre Pauwels (University of Cambridge) discovered the exposed data store — which contained a draft blog post describing Anthropic's next flagship model in significant detail. Fortune reviewed the documents, notified Anthropic on Thursday, and the company quietly restricted access.
Anthropic called it "human error" in its CMS config and said the exposed material was "early drafts of content considered for publication." Which is a polite way of confirming everything in it.
What the leaked drafts revealed
The documents came in two versions of the same blog post — identical except for the model's name. Version 1 calls it "Claude Mythos." Version 2 calls it "Claude Capybara." Tellingly, the Capybara version swapped the name throughout — except the subtitle, which still reads: "We have finished training a new AI model: Claude Mythos."
Both versions describe the same thing: a model in a new tier above Opus — Anthropic's current flagship. That would make it a 4th tier, above Haiku → Sonnet → Opus. The draft put it directly: "Capybara is a new name for a new tier of model: larger and more intelligent than our Opus models — which were, until now, our most powerful."
The name "Mythos" was chosen to evoke "the deep connective tissue that links together knowledge and ideas."
Benchmark claims: "dramatically higher"
The leaked blog described Mythos as achieving "dramatically higher scores" than Claude Opus 4.6 on:
- Software coding
- Academic reasoning
- Cybersecurity
For context, Opus 4.6 recently topped Terminal-Bench 2.0 at 65.4%, beating GPT-5.2-Codex. "Dramatically higher" is doing real work in that sentence.
Anthropic confirmed the substance when Fortune asked: "We're developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity. We consider this model a step change and the most capable we've built to date."
The cybersecurity red flag
This is the part that made headlines beyond AI circles. The leaked draft warned that Mythos is "currently far ahead of any other AI model in cyber capabilities" — and went further:
"It presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."
Anthropic acknowledged it's planning a deliberately slow rollout — starting with a small group of early-access customers specifically tasked with evaluating cybersecurity applications. The draft said Anthropic wants to "understand the model's potential near-term risks in the realm of cybersecurity — and share the results to help cyber defenders prepare."
The company is clearly aware it may be releasing something that outpaces current defensive infrastructure.
Expensive by design — for now
The documents were candid about cost: Mythos is "very expensive for us to serve, and will be very expensive for our customers to use." Anthropic says it's working to make it "much more efficient before any general release."
The model is currently in limited early access via the Claude API. General availability has no confirmed date.
Bottom line
Claude Mythos is real, it's confirmed by Anthropic, it dramatically outperforms Opus 4.6, and it carries cybersecurity risks the company itself considers unprecedented. The leak was accidental — but it's now the most detailed advance disclosure of a frontier AI model in recent memory.
The only question left: will it ship as Mythos, Capybara, or something else entirely?
→ Full Fortune report · The Decoder deep-dive
Subscribe to LGTM for daily AI model news delivered to your inbox.