Anthropic didn’t intend to introduce Mythos this way. Details of what it calls its most capable AI model yet surfaced through a data leak in its content management system (CMS), revealing a LLM with sharply improved reasoning and coding skills.
The data leak, which was the result of the company’s staffers inadvertently exposing material about the LLM, including a draft blog post about it, via a publicly accessible data repository, was first identified by independent security researchers last week.
Following disclosure of the issue, Anthropic restricted public access to the data store, only to later attribute the exposure to a configuration error in its CMS and confirm the existence of the model to Fortune, which was the first to report the leak.
Apple-focused leaker M1Astra also flagged the exposure, archiving a copy of a draft Anthropic blog post about Mythos on X before access was restricted.
In that draft, Anthropic itself struck a cautious tone, signaling concern about the model’s potential implications on cybersecurity.
“In preparing to release Claude Mythos, we want to act with extra caution and understand the risks it poses — even beyond what we learn in our own testing,” the company wrote, adding that it is particularly focused on assessing near-term cybersecurity risks.
The blog further stated that Anthropic wants to seed Mythos across enterprise security teams first and has already been testing the model’s cybersecurity prowess with a “small number of early access customers.”
The rationale seems straightforward: if today’s models can already identify and even help exploit software vulnerabilities, a more capable system like Mythos could significantly accelerate both discovery and misuse — raising the stakes for defenders and attackers alike.
Pareekh Jain, principal analyst at Pareekh Consulting, says Mythos could cut both ways for CISOs and enterprise security teams, compressing the gap between cyber offense and defense.
While at one end, models like Mythos could transform security by automating vulnerability discovery, continuous red-teaming, faster triage, and large-scale threat hunting areas, on the other hand, it could make cyberattacks easier by letting AI agents act autonomously with high skill, Jain said.
That risk for CISOs is not theoretical, Jain added, as earlier-generation models were quickly repurposed into tools for developing malware.
The risk is even higher with Mythos because of its capabilities like “recursive self-fixing,” Vladimir Belomestnov, senior technical specialist at HCLTech, wrote in a post on LinkedIn.
“The leaked files highlight a capability for the AI to autonomously identify and patch vulnerabilities in its own code. Even if this is currently limited to assisted exploitation, it suggests a narrowing gap between human and machine software engineering,” Belomestnov wrote.
However, Anthropic appears to be some distance from a full release of the model.
“Mythos is also a large, compute-intensive model. It’s very expensive for us to serve, and will be very expensive for our customers to use. We’re working to make the model much more efficient before any general release,” the copy of the draft blog post reads.
What is clear, however, is that the company is already planning a phased rollout targeting cybersecurity use cases.
“We’ll be slowly expanding access to Claude Mythos to more customers using the Claude API over the coming weeks. Since we’re particularly interested in cybersecurity uses, that’s where we aim to expand the EAP initially,” the company wrote in the draft blog post.
There is another copy of the blog post, which also names the model as Capybara. Anthropic hasn’t made it clear what the final name of the model will be.
The indecision over the model’s name, though, didn’t stop it from rattling markets last week. Shares of cybersecurity vendors, including CrowdStrike, Palo Alto Networks, Zscaler, and Fortinet, fell as investors assessed what more capable models within Claude Code Security could mean for the competitive landscape.
However, Avasant’s research director, Gaurav Dewan, was more optimistic about Mythos’ impact on vendors: “Powerful models will not replace cybersecurity platforms”.
Rather, Dewan sees vendors increasingly embedding frontier models from Anthropic and OpenAI and others into their stacks for vulnerability discovery, code and cloud posture management, and threat investigation and response automation.
“One can expect partnerships and controlled integrations, not disintermediation. Vendors that already own telemetry, workflows, and enforcement will benefit most,” Dewan added.