Anthropic, the AI company behind the Claude family of models, has confirmed it is testing a new and more powerful AI model after an accidental data leak exposed internal draft documents describing the system in detail.
The leak, reported by Fortune, was caused by a misconfiguration in Anthropic's content management system (CMS), which stores assets for the company's public-facing blog.
Assets uploaded to the CMS are set to publicly accessible by default unless a user explicitly marks them private, and the error left nearly 3,000 unpublished files discoverable in a publicly searchable data store.
The exposed documents included a draft blog post describing a new model called Claude Mythos, which Anthropic described internally as "by far the most powerful AI model we've ever developed."
Security researchers Roy Paz of LayerX Security and Alexandre Pauwels of the University of Cambridge discovered the exposed data store and alerted Fortune, which contacted Anthropic on Thursday; the company then restricted public access to the cache.
An Anthropic spokesperson confirmed the model's existence to Fortune, describing it as "a step change" and "the most capable we've built to date," adding that it represents "meaningful advances in reasoning, coding, and cybersecurity."
The draft documents revealed that Mythos is the first model in a new product tier called Capybara, which would sit above Opus, currently Anthropic's most capable and expensive tier, in a restructured model line-up that also includes Sonnet and Haiku.
According to the leaked draft, Capybara "gets dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity" compared with Claude Opus 4.6, Anthropic's previous flagship.
The same documents flagged serious concerns about what Anthropic described as "unprecedented" cybersecurity risks posed by the model, warning that it is "currently far ahead of any other AI model in cyber capabilities" and "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."
Anthropic said it was providing early access to a small group of organisations to give them "a head start in improving the robustness of their codebases" ahead of what it described as an "impending wave of AI-driven exploits."
The company said the model is not ready for general release, in part because it is "very expensive to serve," and that it is working to make it more efficient before a wider launch.
Two versions of the draft blog post surfaced online, one using the name Mythos throughout and one substituting Capybara, suggesting the company had not yet settled on a final product name at the time of the leak.