Anthropic just got caught with its pants down. The company building what it calls the most safety-conscious AI on the planet accidentally left its biggest secret on a publicly searchable server. The secret? Claude Mythos — a new model tier that reportedly leapfrogs everything else in the industry.

And the kicker? Anthropic’s own internal docs warn that Mythos poses “unprecedented cybersecurity risks.” You can’t write irony this good.

What Got Leaked

Fortune broke the story Thursday: nearly 3,000 unpublished documents, including a draft blog post announcing Claude Mythos, were sitting in an unsecured data store. Not a sophisticated state-sponsored hack. Not a disgruntled employee. A CMS misconfiguration. Human error.

Anthropic confirmed the model is real, it’s in testing, and it represents “a step change” in capabilities. That’s a phrase AI companies don’t throw around casually — it means a qualitative leap, not just better benchmark numbers.

Meet Capybara — The New Top Tier

Anthropic currently sells Claude in three tiers: Haiku (cheap and fast), Sonnet (mid-range), and Opus (the heavyweight). Mythos introduces an entirely new tier called Capybara that sits above Opus.

“Capybara is a new name for a new tier of model: larger and more intelligent than our Opus models — which were, until now, our most powerful,” the leaked draft stated.

This isn’t Opus 4.7. It’s a new weight class entirely. Anthropic claims “dramatically higher scores” across coding, academic reasoning, and cybersecurity benchmarks compared to Opus 4.6 — which was already beating OpenAI’s GPT-5.2-Codex on Terminal-Bench 2.0.

The Cybersecurity Paradox

Here’s where it gets uncomfortable. Anthropic’s own leaked documents describe Mythos as “currently far ahead of any other AI model in cyber capabilities” and warn it “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”

The company that built the model is scared of what it can do.

This isn’t theoretical. In November 2025, Chinese state-sponsored hackers weaponized Claude against roughly 30 organizations by pretending to work for legitimate security firms. Anthropic knows firsthand how its models get abused.

Their solution? A defender-first rollout. Cybersecurity organizations get early access to harden their systems before Mythos goes wide. It’s genuinely novel in the industry — and it might be the smartest thing Anthropic has done. But it’s also an admission that this model is dangerous enough to require a head start for the good guys.

The Irony Writes Itself

A company warning about “unprecedented cybersecurity risks” from its new AI model… left the announcement in an unsecured, publicly searchable data store.

Security researchers from LayerX Security and the University of Cambridge independently found and verified the exposed documents. No hacking required. Just a search query.

Futurism’s headline nailed it: “Anthropic Just Leaked Upcoming Model With ‘Unprecedented Cybersecurity Risks’ in the Most Ironic Way Possible.”

There’s a meaningful difference between a CMS misconfiguration and model-level security. But optics matter, and these optics are brutal.

Wall Street Felt It

Cybersecurity stocks plunged Friday as investors processed the implications. If AI can find and exploit software vulnerabilities at machine speed, the cybersecurity industry faces either an existential threat or a massive demand surge — and nobody’s sure which.

Bitcoin and software stocks also dipped. The broader tech selloff comes on top of an already volatile week, with memory chip companies still reeling from Google’s TurboQuant announcement.

The Competitive Landscape

Mythos drops into the most heated AI race we’ve ever seen. OpenAI’s GPT-5.3-Codex was the first model classified as “high capability” for cybersecurity under its Preparedness Framework. Opus 4.6 matched or beat it. Now Mythos reportedly leapfrogs both.

But skepticism is warranted. OpenAI’s long-awaited GPT-5 was underwhelming at launch. Benchmark claims don’t always survive contact with the real world. What’s different about Mythos is the caution — Anthropic isn’t rushing to market, which either means they genuinely believe this model crosses new capability thresholds, or they’re executing the most sophisticated restraint-as-marketing play in AI history.

The leaked documents also reveal Anthropic’s broader play: an invite-only CEO summit in Europe to pitch AI to large enterprises. Mythos is the crown jewel. The Capybara tier — bigger, pricier, enterprise-focused — is the premium product for premium customers.

The Real Question

Both Anthropic and OpenAI now acknowledge their latest models pose real cybersecurity risks. Both have documented cases of state-sponsored weaponization. Both respond with cautious rollout strategies.

But here’s the thing about head starts: they’re temporary. Once Mythos goes into broad release, attackers and defenders both have the same superhuman tools. And historically, attackers move faster.

Anthropic’s defender-first approach is the right call. But it’s a band-aid on a much bigger problem — one that the entire industry is going to have to solve together. Assuming they can keep their blog drafts off public servers long enough to coordinate.

Sources: Fortune, Futurism, Investing.com, Techzine