Anthropic Accidentally Leaked Its Most Powerful AI Model Ever – And It Might Be Too Dangerous to Release

A company building what it calls an AI model with “unprecedented cybersecurity capabilities” just left the announcement of that model in an unsecured, publicly searchable data store. The irony doesn’t need elaborating.

On March 26, 2026, Fortune reporter Bea Nolan discovered that Anthropic had accidentally left nearly 3,000 unpublished internal assets – including a draft blog post announcing a powerful new AI model – in an unencrypted, publicly accessible data cache. The model is called Claude Mythos. And based on what leaked, it’s unlike anything Anthropic has released before.

How the Leak Happened

The exposure was caused by a configuration error in Anthropic’s content management system. By default, assets published through the CMS are set to public and assigned a publicly accessible URL – unless a user explicitly changes that setting. Someone didn’t.

Two cybersecurity researchers – Roy Paz of LayerX Security and Alexandre Pauwels of the University of Cambridge – independently discovered the exposed data store. It contained close to 3,000 unpublished assets, including draft blog posts, internal PDFs, images, and documents not yet released to the public. Fortune reviewed the documents and contacted Anthropic, after which the company restricted access. Anthropic attributed the incident to “human error” and described the exposed materials as “early drafts of content considered for publication.”

By the time access was restricted, the draft blog post – describing a model Anthropic internally calls “by far the most powerful AI model we’ve ever developed” – had already been read, screenshotted, and distributed widely across the AI research community.

What the Leaked Documents Revealed

The leak included what appeared to be a structured draft blog post complete with headings, body text, and a publication date – suggesting it was close to a planned launch announcement, not a rough internal note.

Two versions of the same draft exist with only one difference: the model name. One calls it Claude Mythos. The other calls it Capybara. Both appear to describe the same underlying model. The Capybara version still carries the subtitle: “We have finished training a new AI model: Claude Mythos.” Anthropic told Fortune the two names were “early drafts of content being considered for publication,” – suggesting they were still deciding between name candidates.

“Capybara is a new name for a new tier of model: larger and more intelligent than our Opus models – which were, until now, our most powerful.” – Leaked Anthropic draft blog post

The name Mythos was chosen, the draft said, to evoke “the deep connective tissue that links together knowledge and ideas.”

What Makes Mythos Different From Claude Opus 4.6

The leaked blog post makes direct comparisons to Claude Opus 4.6 – Anthropic’s current flagship model – and the performance claims are significant:

• Software coding: “Dramatically higher scores” – exact numbers were not in the leaked excerpt, but the phrasing suggests a substantial gap, not an incremental improvement
• Academic reasoning: Dramatically higher scores versus Opus 4.6
• Cybersecurity tasks: Dramatically higher scores – and this is where the story gets complicated

Anthropic’s spokesperson confirmed “meaningful advances in reasoning, coding, and cybersecurity” and described the overall capability jump as a “step change” – language that Anthropic reserves for genuinely discontinuous improvements, not version bumps.

The Cybersecurity Problem – Why This Is Being Held Back

This is the part of the leak that will define how Claude Mythos is ultimately received – and possibly whether it ever ships publicly at all.

The leaked draft blog post states that Claude Mythos poses “unprecedented cybersecurity risks.” According to the document, the model is “currently far ahead of any other AI model in cyber capabilities” and “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”

In plain terms, Mythos is so good at finding and exploiting software vulnerabilities that Anthropic believes it could accelerate a cyber arms race if it reached the wrong hands. That is not marketing language. Anthropic’s own draft says it.

What Else Was in the Leak

The Mythos draft was the biggest story in the data cache, but not the only thing exposed. The nearly 3,000 assets also included a PDF about an upcoming invite-only two-day retreat for European CEOs at an 18th-century English countryside manor, with Anthropic CEO Dario Amodei listed as attending. An Anthropic spokesperson confirmed it was “part of an ongoing series of events we’ve hosted over the past year” – a sales and relationship summit for major enterprise customers.

The exposure of that event alongside the model announcement suggests the data cache was being used as a staging environment for multiple upcoming announcements simultaneously.

What This Means for Developers and Teams

For most developers and teams, Claude Mythos is not coming soon. The model is expensive, the rollout is deliberately slow, and Anthropic is prioritising security evaluation over speed to market. What the leak does tell you:

• The capability ceiling is moving significantly. If “dramatically higher than Opus 4.6” on coding and reasoning is accurate, the gap between current frontier models and Mythos is real – not incremental.
• A new model tier is coming. Capybara above Opus is a structural change to Anthropic’s lineup. When it arrives, it will likely sit at a price point above current Opus pricing – expect it to be positioned at enterprise and research customers first.
• Cybersecurity use cases will be the first access point. The early access group is specifically evaluating cybersecurity applications. Security teams at large enterprises will likely be among the first to get structured access.
• The name might still change. Two name candidates (Mythos, Capybara) were in the leaked docs. The final product name is unconfirmed.