Skip to content
Anthropic Left Its Most Dangerous AI Model Sitting on the Open Internet
AI Safety Cybersecurity Anthropic Claude AI Models

Anthropic Left Its Most Dangerous AI Model Sitting on the Open Internet

🎧Listen to this article
Steve Defendre
March 30, 2026
6 min read

Let me get this straight. Anthropic built what it describes as the most powerful AI model ever created, one that poses "unprecedented cybersecurity risks" by its own admission. Then they left the details about it sitting in an unsecured, publicly searchable data store for anyone to find.

You cannot make this up.

What Leaked

Last Thursday, Fortune broke the story that close to 3,000 unpublished assets from Anthropic's blog were sitting in a publicly accessible data cache. Among them: a draft blog post announcing a model called Claude Mythos, along with details of an invite-only CEO summit in Europe and various internal documents.

Security researchers Roy Paz from LayerX Security and Alexandre Pauwels from the University of Cambridge independently located and reviewed the material. After Fortune contacted Anthropic, the company pulled the data and blamed "human error" in the configuration of its content management system.

The draft post described Claude Mythos as "by far the most powerful AI model we've ever developed." Anthropic confirmed this to Fortune, calling it "a step change" and "the most capable we've built to date." The model is currently being tested with a small group of early access customers.

The Capybara Tier

Here's where it gets interesting from a product standpoint. The leaked documents reveal a new model tier called Capybara, sitting above Opus in Anthropic's lineup. Right now, the hierarchy goes Haiku (small and fast), Sonnet (balanced), and Opus (the heavy hitter). Capybara would be even larger, more capable, and more expensive than Opus.

"Compared to our previous best model, Claude Opus 4.6, Capybara gets dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity," the draft blog post read.

Capybara and Mythos appear to refer to the same underlying model. Think of Capybara as the product tier and Mythos as the model name.

Cybersecurity risks from AI models capable of finding and exploiting vulnerabilities

The Cybersecurity Problem

This is the part that should actually worry you.

Anthropic's own draft documentation states that Claude Mythos is "currently far ahead of any other AI model in cyber capabilities." The company warns it "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."

Read that again. Anthropic is saying, in writing, that this model can find and exploit software vulnerabilities faster than security teams can patch them. And that more models like it are coming.

Their proposed solution? Release it to defenders first. The plan is to give early access to organizations so they can "improve the robustness of their codebases against the impending wave of AI-driven exploits." That's a reasonable approach in theory. Give the good guys a head start.

But we're already past the point where this is theoretical. Anthropic has previously documented that Chinese state-sponsored hacking groups used Claude Code to infiltrate roughly 30 organizations, including tech companies, financial institutions, and government agencies. That happened with current-gen models. Now imagine what happens when something dramatically more capable hits the wild.

This isn't just an Anthropic problem either. OpenAI's GPT-5.3-Codex, released in February, was the first model that company classified as "high capability" for cybersecurity tasks. We're in an arms race, and the weapons are getting sharper on both sides.

The Pentagon Angle

Naturally, the leak became political ammunition immediately.

Under Secretary of War Emil Michael, who has been waging a public campaign against Anthropic for weeks, posted: "Umm...hello? Is it not clear yet that we have a problem here?"

Some context on Michael. He's called Anthropic CEO Dario Amodei a "liar" with a "god complex." He wanted the Pentagon to label Anthropic a supply-chain security risk and effectively ban Claude from government work. A federal judge blocked that move last Thursday, calling it an "Orwellian notion."

Michael also has significant financial ties to AI companies that compete with Anthropic. So take his righteous outrage with the appropriate amount of salt.

The irony is thick here. Anthropic was already cleared to handle classified material for the federal government. The Pentagon's fight has been about wanting more access to Anthropic's models than the company is willing to provide, not less. Anthropic refused to let its models be used for domestic surveillance or fully autonomous weapons. That's what started the beef.

Using a data leak to argue the company is dangerous, while simultaneously trying to force them to give you more access to the same technology, is the kind of logic that only makes sense inside the Beltway.

Market impact from the Claude Mythos leak

Markets Felt It

Wall Street didn't wait around for nuance. Cybersecurity stocks took an immediate hit: Palo Alto Networks, CrowdStrike, and Fortinet all dropped 4-6%. The iShares Expanded Tech-Software Sector ETF fell 2.5%. Bitcoin, which had been flirting with $70,000, tumbled back to $66,000.

The logic is straightforward. If AI models can find and exploit vulnerabilities at scale, the entire cybersecurity industry's value proposition changes. Every company selling vulnerability scanning, endpoint protection, or threat detection just got put on notice that an AI model might do their job better and faster.

Whether that fear is justified right now is debatable. But the market clearly thinks the threat is real enough to price in.

The IPO Question

Here's the cynical read on all of this, and it's worth considering.

The Information reported that Anthropic is eyeing going public later this year. As Gizmodo pointed out, the timing of a leak that essentially tells the world "we have the most powerful AI model ever built" is... convenient. It plays right into what one outlet called "the classic AI company playbook of talking up the dangers of a model to highlight how powerful and capable it is."

I don't think Anthropic intentionally leaked this. Leaving 3,000 assets in an unsecured CMS is genuinely embarrassing, especially for a company that positions itself as the safety-first AI lab. But the leak certainly doesn't hurt their fundraising narrative.

What This Actually Means

Strip away the politics and market noise, and you're left with a real problem that nobody has solved yet.

AI models are getting good enough at cybersecurity to be genuinely dangerous. Not in a hypothetical, hand-wringing way. In a "state-sponsored hackers are already using them to break into companies" way. And the next generation of these models will be significantly more capable.

Anthropic's approach of giving defenders early access is better than just dropping the model publicly. But it's a band-aid on a much bigger wound. The fundamental asymmetry of cybersecurity, where attackers need to find one vulnerability while defenders need to protect everything, gets worse when both sides have AI tools. The attackers will always move faster because they don't need approval processes or change management windows.

We're going to need something more creative than "release it carefully" if we want to stay ahead of this. What that looks like, I genuinely don't know yet. But the clock is ticking, and the models aren't waiting.

Was this article helpful?

Share this post

Newsletter

Stay ahead of the curve

Get the latest insights on defense tech, AI, and software engineering delivered straight to your inbox. Join our community of innovators and veterans building the future.

Join 500+ innovators and veterans in our community

Comments (0)

Leave a comment

Loading comments...