The Accidental Reveal That Shook the AI Industry

On March 26, 2026, a configuration error in Anthropic's content management system inadvertently exposed nearly 3,000 internal documents to the public internet. Among them was a draft blog post describing Claude Mythos—internally codenamed Capybara—as "by far the most powerful AI model we've ever developed." The discovery, made by Fortune journalist Bea Nolan, triggered a cascade of coverage, market reactions, and security debates that continue to reverberate through the industry.

What made this leak extraordinary wasn't just the existence of a new model. It was Anthropic's own candid assessment: Mythos poses "unprecedented cybersecurity risks," and the company had been privately warning senior U.S. government officials that models at this capability level make "large-scale cyberattacks significantly more likely in 2026." This is everything we know—and everything you need to prepare for.

What Is Claude Mythos?

A New Tier, Not Just an Upgrade

Claude Mythos isn't Claude Opus 5. According to the leaked documents, Anthropic defines it as an entirely new model tier: "Capybara is a new name for a new tier of model: larger and more intelligent than our Opus models—which were, until now, our most powerful." If Anthropic's existing lineup runs Haiku (lightweight) → Sonnet (mid-range) → Opus (flagship), Mythos sits above Opus as a premium, ultra-capability tier.

The widely circulated claim of 10 trillion parameters deserves a caveat: this number does not appear in Fortune's reporting or any confirmed Anthropic documentation. Multiple outlets have referenced it, but it remains unverified. What is confirmed is that Mythos delivers "dramatically higher scores" across coding, reasoning, and cybersecurity benchmarks compared to Opus 4.6—suggesting a substantial scale increase, whatever the exact parameter count.

Benchmark Performance: What the Leaks Suggest

All numbers below come from leaked internal documents and third-party analysis. They should be treated as directional signals, not final specifications—pre-release benchmarks frequently shift during optimization.

Coding (SWE-bench Verified) — resolving real-world GitHub issues:

• Claude Opus 4.6: ~72-73%
• Claude Mythos: ~84-88% (estimated 12-15 percentage point improvement)
• GPT-5.4: ~80%
• If accurate, this represents one of the largest coding capability jumps between adjacent Anthropic generations.

Graduate-Level Reasoning (GPQA Diamond):

• Claude Opus 4.6: ~74-79%
• Claude Mythos: ~80-85%
• Gemini 3.1 Pro: 94.3% (still leads this benchmark)

Mathematical Reasoning (AIME):

• "Meaningfully better" than Opus 4.6 on competition-level math problems, though specific numbers weren't disclosed.

Cybersecurity:

• Anthropic states Mythos is "currently far ahead of any other AI model in cyber capabilities," excelling at penetration testing, CTF challenges, and security code review. No specific percentages have been shared.

Pricing and Access: The Practical Reality

As of April 2026, Claude Mythos is in a restricted early access phase. Only a small number of enterprise customers handpicked by Anthropic are testing the model. There is no general availability date.

On pricing, the leaked draft was blunt: the model is "very expensive for us to serve, and will be very expensive for our customers to use." For reference, current Claude API pricing:

| Model | Input (per 1M tokens) | Output (per 1M tokens) | |-------|----------------------|----------------------| | Haiku 3.5 | $0.80 | $4 | | Sonnet 4.5 | $3 | $15 | | Opus 4.6 | $5 | $25 | | Mythos | TBD | TBD (significantly above Opus) |

Anthropic has stated it is "working on making it much more efficient before any general release." This strongly suggests that cost optimization is one of the primary gates before public launch. For enterprise customers interested in early access, contacting Anthropic's sales team directly is the recommended path.

The Double Data Leak: A Security Crisis

Leak #1: The Mythos Documents (March 26)

A CMS misconfiguration left ~3,000 unpublished assets in a publicly discoverable data store. These included the Mythos announcement draft, CEO event details, images, and PDF documents. Anthropic acknowledged "human error" in the CMS configuration.

Leak #2: Claude Code Source Code (March 31)

Just five days later, Anthropic accidentally published Claude Code's complete source code to NPM—roughly 500,000 lines of code across 1,900 files. Instead of uploading only the compiled distribution, someone uploaded the original source, including the agentic harness code that instructs the AI model how to use tools and enforces behavioral guardrails.

Anthropic's response: "No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach."

The back-to-back incidents created an uncomfortable irony for a company whose brand identity centers on AI safety. While model weights weren't compromised in either incident—meaning Mythos itself wasn't "leaked" in the technical sense—the operational security lapses raised legitimate questions about internal processes.

The Cybersecurity Double Edge

The most consequential aspect of Claude Mythos isn't its coding benchmarks or reasoning scores—it's the cybersecurity implications. Anthropic has been privately briefing senior government officials that Mythos "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."

The specific concerns are sobering:

On offense: AI agents running on Mythos-class systems can "plan and carry out complex operations with minimal human involvement." This means vulnerability discovery, exploit development, and defense evasion at a speed and sophistication that was previously impossible.

On defense: This is precisely why Anthropic's early access program prioritizes cybersecurity defense organizations. The strategy is to give defenders a "head start" before the capabilities proliferate—whether through Mythos itself or the competing models that will inevitably follow.

CNN described the model as a potential "watershed moment" for cybersecurity. Security researchers are already warning about "Phishing 3.0"—AI-generated attacks that are indistinguishable from legitimate communications and personalized at scale.

A U.S. judge recently blocked the Pentagon's attempt to restrict Anthropic from government work, rejecting what the court called an "Orwellian notion" of labeling the company a supply-chain risk. This legal backdrop adds another layer of complexity to the Mythos rollout.

How to Prepare: A Practical Guide

For Developers

While Mythos remains inaccessible, here's how to position yourself for day-one readiness:

1. Build on Opus 4.6 now. Structure your applications so the model ID is a configuration parameter. When Mythos launches, switching should be a one-line change.
2. Get your API credentials ready. Sign up at platform.claude.com if you haven't already. Familiarize yourself with Anthropic's SDK (Python and TypeScript are the primary options).
3. Implement cost controls. Mythos will be expensive. Build in prompt caching, batch processing, and intelligent routing (use Haiku or Sonnet for simple tasks, reserve the premium tier for complex ones).
4. Contact enterprise sales. If you're planning large-scale deployment, expressing interest early may improve your position in the access queue.

For Security Professionals

Mythos's cybersecurity capabilities make it particularly relevant for security teams:

• Red teaming and penetration testing are reportedly where the model excels most dramatically
• Code audit and vulnerability analysis should see significant improvements over Opus 4.6
• Organizations doing cybersecurity defense work may qualify for the current early access program

Current Best Alternatives

Until Mythos goes public, here's where each leading model excels:

• Claude Opus 4.6: Best for coding (80.8% SWE-bench), strong reasoning, 1M token context window
• GPT-5.4: Best ecosystem (image generation, voice, plugins, web browsing), competitive coding
• Gemini 3.1 Pro: Best for academic reasoning (94.3% GPQA), largest context window (2M tokens), best cost efficiency

What Comes Next

Claude Mythos represents a genuine inflection point—not because of any single benchmark number, but because it has shifted the industry conversation from "how capable can we make these models" to "how safely can we deploy them." Anthropic's decision to delay general release, prioritize defensive applications, and brief government officials before launching tells you everything about where we are in AI development. The capabilities are arriving faster than the governance frameworks needed to manage them. For practitioners, the smartest move right now is building robust systems on Opus 4.6 while keeping a close eye on Anthropic's official channels for Mythos updates. The model that leaked itself is coming—the only question is when, and at what price.