Anthropic Confirms Testing ‘Claude Mythos,’ Its Most Powerful AI Yet, After Embarrassing Data Leak

Anthropic has begun quietly testing a new frontier AI model that it describes as a clear “step change” beyond anything it has released before.

The company acknowledged Thursday after draft documents detailing the project were accidentally left exposed in a public data cache, according to Fortune.

The model, internally referred to as both Claude Mythos and Capybara, would introduce an entirely new tier above the company’s current flagship Opus line. According to the leaked draft blog post reviewed by Fortune, Capybara is “larger and more intelligent than our Opus models — which were, until now, our most powerful.”

It delivers dramatically higher performance on benchmarks for software coding, academic reasoning, and especially cybersecurity tasks compared with Claude Opus 4.6. Anthropic spokesperson confirmed the company is developing “a general purpose model with meaningful advances in reasoning, coding, and cybersecurity.”

The spokesperson added: “Given the strength of its capabilities, we’re being deliberate about how we release it… We consider this model a step change and the most capable we’ve built to date.”

The documents surfaced through a straightforward configuration error in Anthropic’s content management system. Assets uploaded to the CMS were set to public by default, leaving nearly 3,000 unpublished files, including images, PDFs, audio, and the draft announcement, searchable and downloadable by anyone.

Cybersecurity researchers Roy Paz of LayerX Security and Alexandre Pauwels of the University of Cambridge spotted the cache and alerted Fortune. Once notified on Thursday, Anthropic quickly locked down public access.

The company attributed the lapse to “human error” in configuring an external CMS tool and described the exposed material as early drafts considered for publication.

A Cautious Rollout and Major Cyber Concerns

Anthropic is taking an unusually measured approach to the launch. The model is currently in early-access trials with a small group of customers, and the draft makes clear it is too expensive and potentially too risky for immediate general release.

The biggest red flag highlighted in the leaked document is cybersecurity. Anthropic warns that the model is “currently far ahead of any other AI model in cyber capabilities” and “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”

Hackers armed with such a system could launch large-scale, automated attacks on codebases at a speed and sophistication that current defenses may struggle to match.

Because of that risk, the company’s plan emphasizes giving cyber defenders a head start.

“We’re releasing it in early access to organizations, giving them a head start in improving the robustness of their codebases against the impending wave of AI-driven exploits,” the draft stated.

This mirrors emerging incidents of the growing industry. In February, OpenAI flagged its GPT-5.3-Codex as the first model it classified as “high capability” for cybersecurity under its Preparedness Framework. Anthropic’s own Opus 4.6, released around the same time, already showed strong dual-use potential — capable of surfacing unknown vulnerabilities in live code, a tool that could help attackers as easily as it helps defenders.

The company has also documented real-world attempts by Chinese state-linked groups to weaponize earlier Claude versions for coordinated intrusions into tech firms, banks, and government agencies.

New Model Tier and Enterprise PushThe leak also revealed Anthropic’s intention to reshape its product lineup. Until now, Claude models have come in three sizes: Haiku (fast and cheap), Sonnet (balanced), and Opus (most capable). Capybara would sit above Opus as a premium, higher-cost tier — larger, smarter, and significantly more expensive to run.

The documents further exposed plans for an invite-only, two-day executive retreat in the English countryside. Scheduled at an 18th-century manor turned luxury hotel and spa, the gathering is aimed at Europe’s most influential CEOs. Anthropic CEO Dario Amodei is expected to attend, and participants will hear from policymakers on AI adoption while getting hands-on exposure to unreleased Claude capabilities.

The company described the event as part of an ongoing series to court large corporate customers.

Anthropic confirmed the retreat is real and fits its broader strategy of deepening relationships with enterprise leaders.

The development underscores the high-stakes environment in which frontier AI labs now operate. Even a simple misconfiguration in a routine content system can spill sensitive product details, internal strategy, and risk assessments into the open. For a company that has positioned itself as the more safety-conscious alternative to OpenAI, the leak is an unwelcome reminder that operational hygiene matters as much as model alignment when capabilities reach this level.

Anthropic has not set a public release date for the new model, saying only that it will move deliberately. In the meantime, the early-access program will likely serve as both a testing ground and a controlled way to let trusted partners begin hardening their systems against the next wave of AI-powered cyber threats.

The incident comes as competition among the leading labs intensifies, with each new model promising bigger leaps and bigger headaches, in capabilities that blur the line between powerful tool and potential weapon. Anthropic’s challenge now is to prove it can handle the power it is building while keeping its own house in order.