Claude Mythos: Anthropic's Most Powerful Model Leaked Before Launch

Sometimes the most interesting product launches aren't planned. On Thursday, security researchers discovered that Anthropic had inadvertently left nearly 3,000 unpublished blog assets in a publicly searchable data store — including what appeared to be a draft announcement for a model called Claude Mythos.

Anthropic confirmed it: "human error" in their content management system configuration. The data has since been locked down, but not before the content was reviewed and reported by Fortune.¹

A New Tier Above Opus

The leaked draft describes Mythos not as an incremental update but as an entirely new model category. Anthropic's current lineup tops out at Opus — the largest and most capable tier, followed by Sonnet and Haiku. Mythos (also referred to as "Capybara" in a second version of the same document, suggesting a naming decision was still being made) would sit above Opus.

The draft's own words: "by far the most powerful AI model we've ever developed."

Benchmarks cited in the document show "dramatically higher scores" compared to Claude Opus 4.6 on software coding, academic reasoning, and cybersecurity tasks. Anthropic confirmed this framing directly to Fortune, calling the model "a step change" and "the most capable we've built to date."

The cost caveat is equally notable: the draft explicitly warns the model is "very expensive" to run, and that Anthropic is working to improve efficiency before any general release. This isn't going to show up in Claude.ai next week.

Why Cybersecurity Is the Launch Focus

The most striking aspect of the Mythos release plan is its deliberate, narrow focus. Rather than a broad rollout, Anthropic is starting with a small group of early-access customers specifically in the cybersecurity space — and the reasoning is worth understanding.

The draft is candid: Mythos has capabilities that "presage an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders." That's not marketing language. That's a warning from the people who built the thing.

The strategy follows from that assessment: give defenders a head start. By releasing Mythos first to organizations focused on finding and fixing vulnerabilities — before the capability becomes widely available — Anthropic is betting that the defensive use gets established before the offensive use scales.

Whether that sequencing actually works in practice is an open question. Capability diffusion in AI has historically been faster and less controllable than anyone expects. But the intent is notable: this is one of the more explicit acknowledgments from a frontier lab that a new model creates genuine asymmetric risk, and that the release plan is designed around managing it rather than ignoring it.

The Capybara Question

The existence of two draft versions — one called "Mythos," one called "Capybara" — with identical content except for the model name (including one version where the subtitle still reads "We have finished training a new AI model: Claude Mythos" even after the body text swapped to Capybara) suggests Anthropic hadn't finalized branding when the leak occurred.

Anthropic told Fortune these were "early drafts of content being considered for publication." Which name wins is anyone's guess. Mythos has better brand coherence with the "connective tissue between knowledge and ideas" framing in the draft. Capybara is the kind of name that makes a model memorable. Either way, the underlying model appears to be the same.

The Irony Worth Noting

A company announcing a model with "unprecedented cybersecurity risks" leaked the announcement through a basic misconfiguration of their own content management system. The researchers who found it — Roy Paz from LayerX Security and Alexandre Pauwels from Cambridge — did so through ordinary public search, not any sophisticated attack.

It's the kind of thing that would appear as a finding in a security audit. The irony of it happening at exactly this moment is hard to miss.

What to Watch

Anthropic says it will "slowly expand access to Claude Mythos to more customers using the Claude API over the coming weeks," with an initial focus on cybersecurity applications. No pricing, no general availability date, no public API access yet.

For developers watching the Claude ecosystem: if the benchmark claims hold up in practice, this represents a meaningful capability jump — particularly for tasks that require deep reasoning over large codebases. The cybersecurity emphasis suggests the model handles complex, multi-step logical chains better than its predecessors.

For everyone else: this is a preview of where the frontier is heading. The gap between the most capable private model and what's publicly available has historically been months, not years. That gap appears to be closing faster now.