A data leak has forced artificial intelligence (AI) heavyweight Anthropic to confirm the development of its most powerful model to date.
Codenamed Claude Mythos, the system is reportedly undergoing limited testing with early-access customers following an internal configuration error that exposed thousands of sensitive documents.
The leak, first reported by Fortune, occurred when a misconfigured content management system (CMS) left a cache of approximately 3,000 unpublished files accessible in a public data lake.
The exposed assets included draft blog posts, internal images, and corporate details regarding exclusive executive events. Most notably, the breach revealed the existence of Mythos and a new elite performance tier dubbed Capybara.
Anthropic has since verified the model’s authenticity, describing it as a “step change” in AI performance.
According to internal documents, Claude Mythos is designed to surpass all previous iterations — including the current flagship, Claude 3 Opus — in higher benchmarks in academic and logical problem-solving, significant improvements in software engineering and autonomous programming, and unprecedented capabilities in identifying and exploiting vulnerabilities.
The introduction of the Capybara tier marks a shift in Anthropic’s product hierarchy. While the company currently utilizes a three-tier system (Opus, Sonnet, and Haiku), Capybara is positioned as a specialized, ultra-high-intelligence level sitting above Opus, tailored for the most demanding enterprise and governmental tasks.
While the performance gains are substantial, the leak also highlighted Anthropic’s internal anxieties regarding safety.
In a draft blog post discovered during the breach, the company admitted that Mythos’s capabilities could “lower the barrier” for sophisticated cyberattacks.
The document warns that the model is “currently far ahead of any other AI model in cyber capabilities,” noting that it may “outpace the efforts of defenders” by automating the exploitation of software vulnerabilities.
Anthropic’s decision to limit the initial rollout to a select group of organizations is a strategic move intended to give cyber defenders a head start in fortifying codebases against an expected wave of AI-driven exploits.
Anthropic was quick to clarify that the leak was the result of human error rather than a compromise of its core AI infrastructure. A spokesperson confirmed that the exposed content was promptly removed once discovered and that no customer data was affected by the incident.
The company has not yet provided a timeline for a broad public release of Claude Mythos or the Capybara tier.
As of now, the model remains in a controlled trial phase, as Anthropic attempts to balance the competitive pressure of the AI arms race with the ethical imperative of managing a system that could fundamentally alter the cybersecurity landscape.
“As AI systems become more capable, both vulnerability discovery and attack execution will be agentic. What once required elite specialists can now be performed by software agents, continuously and in parallel,” Shlomo Kramer, co-founder and CEO of Cato Networks, said in an email. “The result is not just faster attacks, but a fundamentally different threat model defined by scale and speed. The immediate consequences will be a surge in vulnerability discovery, a true tsunami of zero-day exploits and one-day CVEs.”
