What Is Claude Mythos?
Claude Mythos is Anthropic's unreleased frontier model — confirmed by the company on March 27, 2026 after a CMS misconfiguration exposed roughly 3,000 internal documents, including a draft launch blog post. An Anthropic spokesperson told Fortune the model represents "a step change" in AI performance and is "the most capable we've built to date." Training is complete. Early access testing is underway with a small group of cybersecurity organizations.
If you're a developer, security researcher, or enterprise AI buyer, here is everything confirmed so far — and what it actually means.
How the Leak Happened
A configuration error in Anthropic's content management system left a folder containing approximately 3,000 assets publicly accessible and searchable. The repository included a draft blog post for Claude Mythos, complete with headings and a publication date. The leak was discovered by cybersecurity researchers Alexandre Pauwels of the University of Cambridge and Roy Paz, Senior AI Security Researcher at LayerX Security.
The timing is notable: Anthropic was apparently preparing a structured public launch, not an accidental reveal. The draft was formatted as a finished product announcement. Two versions of the blog post surfaced — one using the name "Mythos" and one using "Capybara" — with Anthropic telling Fortune they were "early drafts of content that were being considered for publication," suggesting the company was still deciding between the two names.
The New Capybara Tier: What It Means for the Model Hierarchy
Anthropic currently sells Claude in three tiers: Haiku (fastest, cheapest), Sonnet (balanced), and Opus (most capable). Mythos introduces a fourth tier above all of them.
The leaked draft describes "Capybara" as "a new name for a new tier of model: larger and more intelligent than our Opus models — which were, until now, our most powerful." Compared to Claude Opus 4.6, Capybara gets "dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity, among others."
The updated hierarchy looks like this:
| Tier | Model | Status |
|---|---|---|
| Haiku | Claude Haiku 4.5 | Generally available |
| Sonnet | Claude Sonnet 4.6 | Generally available |
| Opus | Claude Opus 4.6 | Generally available |
| Capybara | Claude Mythos | Invite-only early access |
The leaked draft also described Mythos as planning and executing sequences of actions autonomously — moving across systems, making decisions, and completing operations without waiting for human input at each stage. This is a meaningful architectural shift, not just an incremental capability bump within an existing tier.
Cybersecurity Capabilities: Why Stocks Dropped
The most consequential detail in the leak is Mythos's cybersecurity performance. The draft blog post said the model is "currently far ahead of any other AI model in cyber capabilities" and that it "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."
Markets responded immediately. The iShares Expanded Tech-Software Sector ETF (IGV) dropped nearly 3% on March 27. Cybersecurity stocks were hit harder: Palo Alto Networks fell 7%, CrowdStrike dropped 6.4%, and Zscaler declined 5.8%.
The concern is structural. A Dark Reading poll found that 48% of cybersecurity professionals now rank agentic AI as the number one attack vector for 2026 — above deepfakes and all other categories. Mythos, with its autonomous multi-step execution, directly feeds that concern.
This isn't theoretical. Anthropic previously admitted that a Chinese state-sponsored group exploited Claude's agentic capabilities to infiltrate roughly 30 global targets, "pretending to work for legitimate security-testing organizations" to sidestep Anthropic's AI guardrails. Mythos is significantly more capable than the model used in that campaign.
Anthropic is privately warning top government officials that Mythos makes large-scale cyberattacks much more likely in 2026. One source briefed on the model said a large-scale attack could hit this year.
Why Anthropic Is Releasing It Anyway
This is where Anthropic's "responsible scaling" framing gets tested. The company isn't shelving Mythos — it's staging the rollout deliberately.
Anthropic said it is releasing Mythos in early access to organizations, "giving them a head start in improving the robustness of their codebases against the impending wave of AI-driven exploits." The argument: defenders need access to the same capability level as potential attackers, and giving blue teams an early window is preferable to a simultaneous general release.
The draft blog also acknowledged the model is "very expensive for us to serve, and will be very expensive for our customers to use," and that Anthropic is working to make it "much more efficient before any general release." Cost-per-token constraints, not just safety policy, are shaping the rollout timeline.
What Developers and Security Teams Should Know Now
Access Is Invite-Only
There is no public API endpoint for Claude Mythos as of March 31, 2026. Early access is limited to cybersecurity organizations working directly with Anthropic. The company confirmed training is complete and the model is currently being trialed by early access customers. No general release date has been announced.
Offense/Defense Asymmetry Is the Real Risk
The leaked draft is unusually candid for a product launch document. Anthropic is not claiming Mythos will only be used defensively. The framing is explicit: the model's capabilities will be used offensively by some actors, and early access to defenders is the mitigation strategy — not prevention.
For security teams: if you work in vulnerability research, penetration testing, or threat modeling, watching Anthropic's early access program is worth your attention. The capability gap between Mythos and Claude Opus 4.6 is described as dramatic across coding, reasoning, and cybersecurity benchmarks — not a marginal improvement.
Agentic Execution Changes the Threat Model
Where prior Claude models respond to instructions one step at a time, Mythos plans and executes sequences of actions autonomously, moving across systems and making decisions without waiting for human input. This is qualitatively different from prompt-response interactions. For organizations running internal AI tooling, the threat surface expands significantly when agents can chain actions independently.
The Broader Race Context
The Mythos leak landed the same week The Information reported that OpenAI completed pretraining on its next frontier model, internally codenamed "Spud." Both companies are accelerating toward general release of models that, by their own accounts, represent step changes in capability.
Anthropic's decision to stage Mythos behind an invite-only early access program — rather than a standard API launch — signals that internal safety evaluations have returned results the company considers genuinely novel. That's different from standard pre-launch caution.
For developers building on Claude today: the current production API (Claude Opus 4.6) is not affected. Mythos is a separate track. Watch Anthropic's early access announcements if your work touches vulnerability research, red-teaming, or autonomous coding agents.
FAQ
What is Claude Mythos?
Claude Mythos is Anthropic's unreleased frontier model, confirmed March 27, 2026 after a CMS leak. It sits above Claude Opus 4.6 in a new tier called Capybara and scores dramatically higher on coding, reasoning, and cybersecurity benchmarks. Training is complete; it is currently in invite-only early access.
What is the Capybara tier?
Capybara is a new model tier Anthropic is introducing above Opus. Claude Mythos appears to be the first model in this tier. It is larger, more capable, more expensive to run, and targets use cases where Opus-level performance is insufficient.
Is Claude Mythos available via API?
No. As of March 31, 2026, access is invite-only, limited to cybersecurity organizations working directly with Anthropic. No public API endpoint or general release date has been announced.
Why did cybersecurity stocks fall after the Mythos leak?
The leaked draft described Mythos as "currently far ahead of any other AI model in cyber capabilities" and warned it could enable attacks that outpace defenders. Palo Alto Networks fell 7%, CrowdStrike 6.4%, and Zscaler 5.8% on March 27, 2026.
How is Mythos different from Claude Opus 4.6?
Beyond benchmark scores, the key architectural difference is autonomous multi-step execution. Mythos can plan and execute sequences of actions across systems without waiting for human input at each step — a qualitative change from the prompt-response model of Claude Opus 4.6.
Next step: Apply for Anthropic's early access program at anthropic.com if your organization does offensive security research or vulnerability management — that is the stated first-access group for Claude Mythos.
Sources: Fortune, March 26, 2026 (https://fortune.com/2026/03/26/anthropic-says-testing-mythos-powerful-new-ai-model-after-data-leak-reveals-its-existence-step-change-in-capabilities/) · SiliconAngle, March 27, 2026 (https://siliconangle.com/2026/03/27/anthropic-launch-new-claude-mythos-model-advanced-reasoning-features/)