Anthropic accidentally revealed the existence of its most powerful AI model, Claude Mythos, after an unsecured data store containing nearly 3,000 unpublished blog assets was discovered publicly accessible on March 26, 2026. The leak included draft documentation describing Mythos as a “step change” in capabilities that surpasses Claude Opus 4.6 across coding, academic reasoning, and cybersecurity exploitation benchmarks.
Key Highlights
- Anthropic exposed details of Claude Mythos through an unsecured, publicly searchable data store
- Internal documentation calls Mythos “the most capable model we’ve built to date,” surpassing Claude Opus 4.6
- The model shows dramatically higher scores in software coding, academic reasoning, and cybersecurity exploitation
- Anthropic is privately warning top US government officials that Mythos could make large scale cyberattacks more likely
- Nearly 3,000 unpublished assets from Anthropic’s blog were included in the leak
What the Leak Revealed
The exposed data store contained draft blog posts, internal benchmark results, and capability assessments for what Anthropic internally codes as “Capybara,” the generation tier that includes Mythos. The documentation describes performance improvements across every major benchmark category, with particular emphasis on the model’s ability to identify and exploit software vulnerabilities.
Anthropic did not intend for any of this information to be public. The exposure appears to have been an infrastructure misconfiguration rather than a deliberate release. The company has since secured the data store, but the documents had already been accessed and reported on by multiple outlets including Fortune and Axios.
The Government Warning
The most significant aspect of the leak is not the model itself but the context around it. Anthropic is reportedly briefing senior US government officials on Mythos with a specific focus on cybersecurity risk. The company’s internal assessment indicates that the model’s capability to generate, identify, and reason about software exploits at scale could lower the barrier for sophisticated cyberattacks.
This is an unusual position for a frontier lab. Anthropic is simultaneously building the model and warning governments about its potential for misuse. The dual posture reflects the company’s long standing emphasis on AI safety research, but it also raises an uncomfortable question: if you believe a model is dangerous enough to warrant government briefings, what is the threshold for deciding not to deploy it?
What Mythos Means for the AI Race
Claude Mythos, if it performs as the leaked documentation suggests, would represent Anthropic’s most significant capability jump since the original Claude 3 family. The improvements in coding and reasoning benchmarks place it in direct competition with OpenAI’s latest models and Google’s Gemini Ultra class systems.
The timing is notable. OpenAI is preparing for a potential IPO later this year. Google just rolled out Gemini 4.0 as part of its March 2026 core update. The frontier model race is accelerating on a quarterly cadence, with each lab pushing capabilities forward while simultaneously grappling with the safety implications of what they are building.
The Security Irony
An AI safety company accidentally exposing its most powerful model through a basic infrastructure misconfiguration is a difficult look. The leak was not the result of a sophisticated attack. It was an unsecured data store that was publicly searchable. This is the kind of operational security failure that Anthropic’s own models are designed to help organisations avoid.
The incident does not undermine Anthropic’s research. It does undermine the assumption that frontier AI labs have their own operational security fully in order while they advise others on theirs.
The Daily Brief by TCB
Crypto, AI & finance intelligence in 5 minutes. Every weekday morning. Free.
