Claude Mythos Leak Explained: What Happened on March 26
A complete reconstruction of how a CMS misconfiguration exposed Anthropic's most powerful AI model — and nearly 3,000 internal documents.
TL;DR: On March 26, 2026, a CMS misconfiguration on Anthropic’s website exposed roughly 3,000 unpublished assets to the public internet, including a draft blog post describing a new model tier called “Capybara” and its first model, Claude Mythos. The leak triggered immediate media coverage, a cybersecurity stock selloff erasing approximately $400 billion in market value, and forced Anthropic into an unplanned public confirmation of the model’s existence.
How the Claude Mythos Leak Was Discovered
The leak was first identified on March 26, 2026, by Roy Paz, a security researcher at LayerX Security, and Alexandre Pauwels, a researcher affiliated with the University of Cambridge. According to their initial disclosures, the pair discovered that a misconfiguration in Anthropic’s content management system had left a large volume of internal assets publicly accessible without authentication.
The exposed material included approximately 3,000 unpublished items. Among them were draft blog posts intended for future release, internal model specification documents, and development-related files that were never meant to be publicly visible.
The most consequential item was a draft blog post that described a new, unreleased AI model in considerable detail. Within hours of the discovery, screenshots and excerpts from the draft began circulating on social media and security forums, making containment impossible.
What the Claude Mythos Leak Revealed
The leaked draft blog post described a new model tier Anthropic had internally designated “Capybara.” Claude Mythos was identified as the first model in this tier. The document characterized it as “a step change” in AI capabilities, distinct from the incremental improvements typical of prior Claude releases.
According to the draft, Claude Mythos achieved “dramatically higher scores” across coding, reasoning, and cybersecurity benchmarks compared to existing models. The language was notably strong for an Anthropic publication: the document described the model as “far ahead of any other AI model in cyber capabilities.”
The draft did not include specific numeric benchmark results. All performance claims were qualitative in nature, using comparative language rather than publishing scores or percentages. This omission is significant because it limits independent verification of the claims made in the document.
The blog post also outlined the model’s intended deployment strategy, suggesting Anthropic planned a phased rollout rather than a broad public launch. The document stated that Anthropic was “taking a slower, more gradual approach to releasing Mythos,” consistent with the company’s historical emphasis on staged deployment for its most capable systems.
How the Media Covered Claude Mythos
Fortune broke the story on March 26, 2026, publishing the first major report based on the leaked materials. The article detailed the contents of the draft blog post and the circumstances of the CMS exposure.
By March 27, coverage had spread rapidly. CNBC, CoinDesk, The Decoder, and Futurism all published their own reports, each drawing on the leaked materials and adding commentary from industry analysts and security researchers.
The market reaction was swift and severe. Cybersecurity stocks bore the brunt of the selloff, driven by investor concern that Claude Mythos’s reported cyber capabilities could fundamentally shift the threat landscape. According to market data from March 27:
- The iShares Cybersecurity ETF declined 4.5%.
- CrowdStrike, Palo Alto Networks, and Zscaler each fell approximately 6%.
- SentinelOne dropped roughly 6%.
- Okta and Netskope fell more than 7%.
- Tenable was the hardest hit, declining approximately 9%.
The Global Cybersecurity Index fell 4.2% within 24 hours of the initial reports. Analysts estimated the selloff erased approximately $400 billion in combined market capitalization across the cybersecurity sector. The speed of the decline underscored how seriously the market took the leaked claims about the model’s offensive and defensive cyber capabilities.
Anthropic’s Response to the Claude Mythos Leak
Anthropic confirmed the existence of Claude Mythos shortly after the leak became public, effectively abandoning whatever announcement timeline had been planned internally. The company’s public statements emphasized its commitment to “responsible deployment” of the model.
According to Anthropic’s communications, the model was described as “very expensive to serve,” suggesting that compute costs would be a limiting factor on availability. This framing positioned the model as a premium offering rather than a broadly accessible tool.
Anthropic stated that early access to Claude Mythos would be limited to cyber defenders, aligning with the staged deployment approach described in the leaked draft. The intent, according to the company, was to ensure that defensive applications of the technology were established before broader access was granted.
The leaked blog post itself had previewed this posture, stating that Anthropic was “taking a slower, more gradual approach to releasing Mythos.” The company’s post-leak messaging was largely consistent with the draft’s language, suggesting the deployment strategy remained intact despite the premature exposure.
Anthropic did not publicly address how the CMS misconfiguration occurred or how long the assets had been accessible before the researchers discovered them.
What Remains Unconfirmed About Claude Mythos
Despite the volume of leaked material and subsequent reporting, several critical details about Claude Mythos remain unverified or undisclosed. The following items should be treated with caution.
⚠️ Specific benchmarks: The leaked draft described performance in qualitative terms only. No numeric benchmark scores, pass rates, or comparison tables have been published or independently verified. Claims of “dramatically higher scores” cannot be evaluated without data.
⚠️ Pricing: Anthropic described the model as “very expensive to serve” but has not disclosed API pricing, token costs, or enterprise licensing terms. The economic model for Claude Mythos remains unknown.
⚠️ Context window: The leaked materials did not specify the model’s context window size. No official or unofficial figure has been confirmed.
⚠️ Release timeline: Anthropic indicated it would be “slowly expanding access over coming weeks,” but no concrete dates, phases, or eligibility criteria have been published.
Until Anthropic publishes official technical documentation or independent researchers conduct verified evaluations, these gaps will persist. Readers should be cautious about treating leaked qualitative claims as established fact.
Further Reading
- Claude Mythos Model Comparison — Side-by-side capability breakdown against other Claude models and competitors.
- Security Impact Analysis — A deeper look at the cybersecurity implications and market fallout.
- Leak Timeline — Hour-by-hour reconstruction of the March 26 events.
- What Is Claude Mythos Capybara? — Background on the Capybara model tier and where Mythos fits in Anthropic’s lineup.