Anthropic just accidentally leaked its most powerful AI

On March 26, 2026, a misconfigured setting on Anthropic's publishing system — the kind where files should have been set to "private" but defaulted to "public" — made roughly 3,000 unpublished internal documents searchable by anyone who knew where to look. Buried inside: a draft blog post announcing a new AI model that Anthropic's engineers had described as "the most powerful system we've ever developed" — one that "poses unprecedented cybersecurity risks."

The model is called Claude Mythos (internally codenamed "Capybara"). It sits entirely above Claude Haiku, Sonnet, and Opus — Anthropic's current model lineup — representing a fourth tier of capability that the company had not yet publicly announced.

How 3,000 Secret Documents Became Public

The leak was discovered by Roy Paz, a senior AI security researcher at LayerX Security, and Alexandre Pauwels, a cybersecurity researcher at the University of Cambridge. The root cause: Anthropic's external CMS (content management system — the platform where marketing teams draft blog posts and upload files before they go live) had a default setting that automatically made all uploaded files publicly accessible. No hacker was involved. It was human error.

The approximately 3,000 exposed assets included:

• Draft blog posts announcing Claude Mythos and its Capybara variant
• Internal strategy documents and research papers
• Employee parental leave documentation
• A PDF invitation to an exclusive European CEO retreat at an 18th-century English countryside manor — with Anthropic CEO Dario Amodei confirmed to attend
• Company logos, design files, and graphics

Fortune magazine notified Anthropic on Thursday, March 26. The files were removed shortly after. Anthropic confirmed the breach was caused by human error — not AI — and stated it did not affect "core infrastructure, AI systems, customer data, or security architecture."

What Claude Mythos Can Actually Do

The leaked draft described Claude Mythos in stark terms. According to internal documents, the model's capabilities go significantly beyond anything Anthropic has shipped publicly:

Anthropic's official response was more measured: "We're developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity. We consider this model a step change and the most capable we've built to date."

The most alarming line from the leaked draft: Mythos "heralds an imminent wave of models that can exploit vulnerabilities in ways that far exceed the efforts of defenders." In plain English: attackers using this AI could find and exploit security holes faster than defenders can patch them.

The name Capybara — the world's largest rodent — was chosen deliberately to signal a massive capability leap. The name Mythos was selected to evoke "the deep connective tissue that links knowledge and ideas together."

Why Cybersecurity Stocks Crashed the Next Day

When this story broke, financial markets had a visceral reaction. If AI can automatically find and exploit software vulnerabilities (the "holes" in code that hackers use to break into systems), companies that sell traditional cybersecurity software face a fundamental question about their business model.

On March 27, 2026, cybersecurity stocks dropped sharply:

• CrowdStrike (major cybersecurity firm) — stock fell -7%
• Palo Alto Networks — -6%
• Zscaler — -4.5%
• Okta (identity and login security) — -3%
• SentinelOne and Fortinet — -3% each

Crypto markets also reacted. Bitcoin fell from approximately $70,000 to $66,000, with $171 million in Bitcoin ETF (exchange-traded fund — investment products tracking crypto prices) outflows — the largest single-day withdrawal in three weeks. $300 million in long positions (bets that prices would rise) were liquidated.

The irony is thick: Anthropic, which was founded specifically to build AI more safely than competitors, accidentally leaked a document warning that its own newest model could enable "large-scale cyberattacks."

For context on just how far this field has already come: Anthropic's existing Claude Code Security tool (powered by the current Claude Opus) has already discovered 500+ high-severity exploits in open-source projects. Mythos is expected to dramatically exceed that capability.

Who Gets Access — and When

Anthropic is proceeding carefully. Phase 1 of Claude Mythos's rollout is limited to organizations in the cyber defense sector — companies whose job is to protect systems, not attack them. The logic: give defenders a head start before wider deployment.

There is currently no public release date. The model is described as "very expensive to run", meaning Anthropic needs to improve its efficiency before offering it at the scale of Claude Opus.

For reference: Claude Opus 4.6 — the current top-tier model — scored approximately 81.42% on SWE-bench Verified (the benchmark where AI tries to fix real software bugs without guidance — essentially an automated coding skills test). Claude Mythos is expected to significantly exceed that score, though no confirmed benchmark numbers have been officially released.

Separately, in the same news cycle: a U.S. judge blocked the Pentagon's attempt to ban Claude from government work, calling the reasoning an "Orwellian notion." Anthropic is also reportedly weighing IPO plans for late 2026 — making this one of the most consequential weeks in the company's history.

What This Means for the AI Race

If you use Claude today for writing, coding, or research, nothing changes immediately. Claude Mythos is months from public availability, if not longer.

The bigger story is directional: the gap between what's publicly available and what's being privately tested is widening rapidly. A model that its own developers warn could be used for "large-scale cyberattacks" is being quietly trialed in a corner of the cybersecurity world right now.

When Claude Mythos does become available through the Claude API (the connection that lets apps and tools plug into Claude's intelligence), it will represent the most significant capability upgrade to a publicly available AI since GPT-4 launched in 2023. Whether that's exciting or alarming depends heavily on who gets to use it first — and that's exactly what Anthropic is trying to manage.

Related Content — Get Started with Easy Claude Code | Free Learning Guides | More AI News