Anthropic's new model "Claude Mythos" has been exposed as the strongest in history, with its network attack capabilities causing concern even among its own team.

An internal human error resulted in the exposure of Anthropic’s brand-new flagship model code-named “Claude Mythos.” The company describes it as a “step-change milestone” in AI performance, while also warning that its cybersecurity capabilities far exceed those of any existing AI model.
(Background: A judge supports Anthropic, barring the U.S. Department of Defense from punishing Claude with “supply-chain risk labels”)
(Additional context: Anthropic AI economy index—tens of thousands of-word report: automation trading workflows double in frequency; Claude is moving from being a tool to becoming a life assistant)

Table of contents

Toggle

• Capybara tier: a new level above Opus
• Defenders get it first—hackers are already using it
• CEO summit, the manor, and yet-to-be-released features

Was it not an intentional release but a human mistake? According to an exclusive report by Fortune, Anthropic exposed nearly 3,000 unpublished internal articles in publicly searchable data due to an error in operating its content management system (CMS).

Fortune obtained and reviewed drafts of the blog posts and found that Anthropic is developing a new flagship model code-named “Claude Mythos” (also referred to as Capybara), and has quietly opened a pilot test to early-access customers.

The draft directly states:

This is “the strongest AI model we’ve ever developed, without question”

Capybara tier: a new level above Opus

In terms of its architectural positioning, Claude Mythos is not an upgrade to Opus; rather, it adds a “Capybara” layer on top of the existing tiers—replacing Opus to become Anthropic’s top-tier model. The draft file says that compared with Claude Opus 4.6, the new model shows significant improvements across tests including software code writing, academic reasoning, and cybersecurity.

Claude is currently divided into three tiers: Haiku (extremely fast and affordable), Sonnet (all-around balance), and Opus (flagship for deep thinking)

The tradeoff is compute cost. Anthropic acknowledges that this model is “expensive to run,” and it is not yet ready to open it up to the public in full. The current strategy is phased releases: first let early-access partners try it, collect feedback, and then decide whether to expand the rollout.

The leak’s cause was that the default permissions for CMS assets were set to public. Employees had to manually mark them as private; once overlooked, they became directly searchable. In this incident, the exposure wasn’t only model information—it also included employee parental-leave records, unreleased images, PDFs, and audio. After Fortune notified Anthropic, access was immediately shut off. Anthropic acknowledged it was a “human error,” and LayerX Security researcher Roy Paz and University of Cambridge researcher Alexandre Pauwels also helped review and verify the authenticity of the related files.

Defenders get it first—hackers are already using it

Notably, the draft file warns that these models “foreshadow an incoming wave—these models’ ability to exploit vulnerabilities will far exceed defenders’ response speed.” For that reason, Mythos’s initial release strategy focuses on cyber defenders, aiming to let them strengthen codebases first and maintain a degree of buffer window between offense and defense.

The company’s concern isn’t unfounded. Anthropic logged a documented case: China-supported organizations have already used Claude Code to infiltrate about 30 organizations, spanning tech companies, financial institutions, and government agencies. Anthropic spent 10 days investigating the matter, ultimately banning the relevant accounts and notifying the victims. The incident occurred before Mythos was officially exposed, and it used existing Claude tools—not the next-generation model.

The competitive landscape is moving too. The GPT-5.3-Codex released in parallel by OpenAI has also been categorized by the industry as a “high-capability” model for cybersecurity, meaning the capability boundaries of frontier AI have collectively crossed a new threshold—and it’s no longer a problem for a single vendor alone.

CEO summit, the manor, and yet-to-be-released features

The leaked files also come with a business-planning clue: Anthropic plans to hold a two-day, invitation-only closed-door summit at an 18th-century manor in the English countryside, inviting “Europe’s most influential business leaders.” CEO Dario Amodei will attend in person, and attendees will experience Claude features that have not been released to the public yet.”

The details of this summit unexpectedly surfaced, reflecting that Anthropic is accelerating its penetration into Europe’s business landscape—and Mythos is likely the core bargaining chip for that closed-door showcase.