Anthropic confirms Claude Mythos testing after leak reveals most powerful AI model with cyber risks

Exclusive: Anthropic is testing 'Mythos' its 'most powerful AI model ever developed' | Fortune

AI company Anthropic is developing and has begun testing with early access customers a new AI model more capable than any it has released previously, the company said, following a data leak that revealed the model's existence. An Anthropic spokesperson said the new model represented "a step change" in AI performance and was "the most capable we've built to date." The company said the model is currently being trialed by "early access customers." Descriptions of the model were inadvertently stored in a publicly-accessible data cache and were reviewed by Fortune. A draft blog post that was available in an unsecured and publicly-searchable data store prior to Thursday evening said the new model is called "Claude Mythos" and that the company believes it poses unprecedented cybersecurity risks. The same cache of unsecured, publicly discoverable documents revealed details of a planned, invite-only CEO summit in Europe that is part of the company's drive to sell its AI models to large corporate customers. The AI lab left the material, including what appeared to be a draft blog post announcing a new model, in an unsecured, public data lake, according to documents separately located and reviewed by Roy Paz, a senior AI security researcher at LayerX Security, a computer and network security company, and Alexandre Pauwels, a cybersecurity researcher at the University of Cambridge. In total, there appeared to be close to 3,000 assets linked to Anthropic's blog that had not been published previously on the company's news or research sites that were nonetheless publicly-accessible in this data cache, according to Pauwels, who Fortune asked to assess and review the material. After being informed of the data leak by Fortune on Thursday, Anthropic removed the public's ability to search the data store and retrieve documents from it. In a statement provided to Fortune, Anthropic acknowledged that a "human error" in the configuration of its content management system led the draft blog post to being accessible. It described the unpublished material that was left in an unsecured and publicly-searchable data store as "early drafts of content considered for publication." As well as referring to Mythos, the draft blog post also discussed a new tier of AI models that it says will be called "Capybara". In the document, Anthropic says: "'Capybara' is a new name for a new tier of model: larger and more intelligent than our Opus models -- which were, until now, our most powerful." Capybara and Mythos appear to refer to the same underlying model. Currently, Anthropic markets each of its models in three different sizes: the largest and most capable model versions are branded Opus, while a slightly faster and cheaper, but less capable, versions are branded Sonnet, and the smallest, cheapest, and fastest are called Haiku. However, in the blog post, Anthropic describes Capybara as a new tier of model that is even larger and more capable than Opus, but also more expensive. "Compared to our previous best model, Claude Opus 4.6, Capybara gets dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity, among others," the company said in the blog. The document also said the company had completed training "Claude Mythos," which the draft blog post described as "by far the most powerful AI model we've ever developed." In response to questions about the draft blog post, the company acknowledged training and testing a new model. "We're developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity," an Anthropic spokesperson said. "Given the strength of its capabilities, we're being deliberate about how we release it. As is standard practice across the industry, we're working with a small group of early access customers to test the model. We consider this model a step change and the most capable we've built to date." The document Fortune and the cybersecurity experts reviewed consists of structured data for a webpage, complete with headings and a publication date, suggesting it forms part of a planned product launch. It outlines a cautious rollout strategy for the model, beginning with a small group of early-access users. The draft blog notes that the model is expensive to run and not yet ready for general release. The new AI model poses significant cybersecurity risks, according to the leaked document. "In preparing to release Claude Capybara, we want to act with extra caution and understand the risks it poses -- even beyond what we learn in our own testing. In particular, we want to understand the model's potential near-term risks in the realm of cybersecurity -- and share the results to help cyber defenders prepare," the document said. Anthropic appears to be especially worried about the model's cybersecurity implications, noting that the system is "currently far ahead of any other AI model in cyber capabilities" and "it presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders." In other words, Anthropic is concerned that hackers could use the model to run large-scale cyberattacks. The company said in the draft blog that because of this risk, its plan for the model's release would focus on cyber defenders: "We're releasing it in early access to organizations, giving them a head start in improving the robustness of their codebases against the impending wave of AI-driven exploits." The latest generation of frontier models from both Anthropic and OpenAI have crossed a threshold that the companies say poses new cybersecurity risks. In February, when OpenAI released GPT-5.3-Codex, the company said it was the first model it had classified as "high capability" for cybersecurity-related tasks under its Preparedness Framework -- and the first it had directly trained to identify software vulnerabilities. Anthropic, meanwhile, navigated similar risks with its Opus 4.6, released the same week. The model demonstrated an ability to surface previously unknown vulnerabilities in production codebases, a capability that the company acknowledged was dual-use, meaning that it could both help hackers as well as help cybersecurity defenders find and close vulnerabilities in code. The company has also reported that hacking groups, including those linked to the Chinese government, have attempted to exploit Claude in real-world cyberattacks. In one documented case, Anthropic discovered that a Chinese state-sponsored group had already been running a coordinated campaign using Claude Code to infiltrate roughly 30 organizations -- including tech companies, financial institutions, and government agencies -- before the company detected it. Over the following ten days, Anthropic investigated the full scope of the operation, banned the accounts involved, and notified affected organizations. The leak of not-yet-public information appears to stem from an error on the part of users of the company's content management system (CMS), which is the software used to publish the company's public blog, according to cybersecurity professionals. Digital assets created using the content management system are set to public by default and typically assigned a publicly accessible URL when uploaded -- unless the user explicitly changes a setting so that these assets are kept private. As a result, a large cache of images, PDF files, and audio files seem to have been published erroneously to an unsecured and publicly-accessible URL via the off-the-shelf content management system. Anthropic acknowledged in a statement to Fortune that "an issue with one of our external CMS tools led to draft content being accessible." It attributed this issue to "human error." Many of the documents appeared to be discarded or unused assets for past blog posts like images, banners, and logos. However, several appeared to be what were meant to be private or internal documents. For example, one asset has a title that described an employee's "parental leave." The documents also included a PDF containing information about an upcoming, invite-only retreat for the CEOs of European companies being held in the U.K., and which Anthropic CEO Dario Amodei will attend. Names of the other attendees are not listed, but are described as Europe's most influential business leaders. The two-day retreat is described as an "intimate gathering" to engage in "thoughtful conversation" at an 18th-century manor-turned-hotel-and-spa in the English countryside. The document says that attendees will hear from lawmakers and policymakers about how businesses are adopting AI and experience unreleased Claude capabilities. An Anthropic spokesperson told Fortune the event "is part of an ongoing series of events we've hosted over the past year. We look forward to hosting European business leaders to discuss the future of AI."

Claude Mythos: Leak spills details on Anthropic's new AI model, its most powerful yet - The Economic Times

A data leak revealed Anthropic is developing "Claude Mythos", its most powerful AI model yet, now in early testing. Exposed files showed details about the new models and cybersecurity risks that may result from it. The company blamed human error for the data leak.A data leak has revealed that Anthropic is developing a new artificial intelligence model it claims is its most powerful yet, with the system already being tested by a small group of users. A report in Fortune quoted an Anthropic spokesperson as saying the system is "the most capable we've built to date." Big leak Details about the model emerged after internal material was accidentally exposed in a public data store. In total, 3,000 assets linked to Anthropic's blog were accessible online. These included early drafts of announcements and other internal content that had not yet been released publicly. Among the files was a draft blog post referring to the model as "Claude Mythos" and warning that it could pose serious cybersecurity risks. The same leak also pointed to a planned, invite-only CEO summit in Europe, part of the company's push to promote its AI systems to large businesses. The company later said the leak had occurred due to "human error," specifically in how its content management system (CMS) was set up. It described the material as "early drafts of content considered for publication" and has since restricted access to the data. A new generation of AI models The leaked draft also referred to a new category of models under the name "Capybara." According to the document, this would represent a step beyond the company's current top-tier models. "'Capybara' is a new name for a new tier of model: larger and more intelligent than our Opus models -- which were, until now, our most powerful," Anthropic said in one leaked blogpost. Capybara and Mythos seem to be referring to the same underlying model, according to Fortune. Currently, Anthropic offers models at three levels: Opus, Sonnet and Haiku, which vary in size, cost and capability. Opus is the largest and most capable, designed for complex tasks but at a higher cost. Sonnet is a mid-tier option, balancing performance, speed and price. Haiku is the smallest, fastest and cheapest, suited for simpler use cases. The new system appears to go beyond Opus, making it both more advanced and more expensive. The document also suggested that training for "Claude Mythos" has already been completed. Cybersecurity concerns The leaked material highlights growing concern within the company about the risks linked to more advanced AI systems, Fortune said. "In preparing to release Claude Capybara, we want to act with extra caution and understand the risks it poses -- even beyond what we learn in our own testing. In particular, we want to understand the model's potential near-term risks in the realm of cybersecurity -- and share the results to help cyber defenders prepare," the document said, according to Fortune. In simple terms, Anthropic believes the model could be used to find and exploit weaknesses in software much faster than current tools. This raises the risk of more frequent and large-scale cyberattacks if such systems fall into the wrong hands. Because of this, the company plans to release the model carefully, starting with trusted organisations. "We're releasing it in early access to organisations, giving them a head start in improving the robustness of their codebases against the impending wave of AI-driven exploits," Anthropic said in the draft blog, according to Fortune. Real-world misuse already detected Anthropic has already seen attempts to misuse its AI systems. The company said hacking groups, including some linked to China, have tried to exploit its tools in real-world operations. In one case, a state-backed group used Claude Code in a coordinated effort targeting around 30 organisations, including technology companies, financial institutions and government bodies. Anthropic said it identified the activity, blocked the accounts involved and informed those affected within days. The incident underlines the wider challenge facing AI companies: building more powerful systems while trying to limit how they might be misused.

Claude Mythos Leak Sparks Alarm Over AI-Driven Cyber Threats

Anthropic Claude Mythos leak raises fears of AI-powered cyberattacks and security risks Reports about a model dubbed 'Claude Mythos' have raised fresh alarms over artificial intelligence and cyber threats. The latest claims link the system to Anthropic's Claude and suggest it can identify vulnerabilities and generate exploit code. Anthropic has not confirmed any such model. Current reports rely on interpretations of recent security findings, not an official release. Researchers have already shown that AI tools can assist in cyberattacks. Hackers can use these systems to scan code, detect flaws, and build attack scripts. These tools cut the skill needed to launch sophisticated attacks. Security analysts have also found weaknesses in , which could expose systems to misuse. There are three risks identified by experts in the immediate future. First, attackers can misuse AI tools with ease. The growth of cybercrimes is faster than the . There is also a possibility for systems to behave in an unpredictable manner with less human intervention. Advanced AI can be used for coordinated attacks with little supervision. The leak is not confirmed, but the risks are real. AI is advancing faster than security frameworks. The focus now is on managing active threats, not speculating on new models.

Anthropic accidentally reveals Claude Mythos, its most powerful AI model yet

The company is taking a cautious rollout approach due to fears the model could be misused for large-scale cyberattacks, echoing concerns also seen at OpenAI. Anthropic is currently developing a new AI model that can easily outperform current offerings, even as an internal data leak unintentionally revealed details about the project. The company has confirmed the model is being tested with a limited group of early access users. As per the information that surfaced from the publicly accessible internal files, the upcoming model may be called Claude Mythos. In a draft document reviewed by external sources, the model was described as the most powerful AI the company has made so far, with some improvements in reasoning, coding and cybersecurity capabilities. On the other hand, Anthropic acknowledged that exposure of these documents was due to a configuration error in the content management system, which made unpublished materials visible online. The company stated that the files were early drafts intended for internal use and has since restricted access to the data. The leaked material also pointed to a new classification of AI systems internally referred to as Capybara, which appears to represent a tier above existing models like Opus. Anthropic currently categorises its models into tiers such as Opus, Sonnet and Haiku, but the new system is expected to exceed these in both capability and cost. Also read: Google releases Lyria 3 Pro AI model with longer music generation: How to access The company has flagged potential cybersecurity risks associated with the model. The internal description suggests that its advanced features can be misused to find and exploit different software vulnerabilities at scale, which might outpace current defensive systems. As a result, Anthropic is said to be approaching the rollout cautiously, initially offering access to a few organisations to strengthen the cyber defense. Adding on, the model details that surfaced online also reportedly included references to a private executive event in Europe aimed at engaging business leaders on AI adoption. This comes amid the increasingly capable models raising concerns around dual-use risk. Recently, OpenAI has faced similar concerns, particularly around models designed to detect vulnerabilities in software systems.