Skip to main content
Meet us at Black Hat USA 2026— Las Vegas, August 1–6Book a Meeting
Mallory
Back to intelligence
cloud-misconfigurationai-platform-securitybreach-disclosure-notificationleaked-secret-api-key

Anthropic Leak Exposes Claude Mythos and Thousands of Internal Assets

Updated 2d agoFirst seen Mar 27, 20267 sources

Anthropic confirmed that an internal data exposure revealed details about Claude Mythos, an unreleased AI model the company described in leaked draft materials as its most capable system to date. The leak surfaced through an unsecured, publicly searchable cache tied to a content management system misconfiguration, which reportedly failed to mark uploaded files as private before storing them in a publicly accessible data lake. Exposed materials included a draft blog post, PDFs, images, release-related content, and information about an exclusive CEO-level event.

Reports said the exposure involved nearly 3,000 unpublished assets and included internal language stating that Anthropic had assessed Claude Mythos as posing unprecedented cybersecurity risks. Anthropic said the model is real and is being tested by early-access customers, but it had not disclosed whether anyone beyond journalists accessed the data or what remediation steps were taken. The incident has intensified scrutiny of the company’s data governance, access controls, and broader safety claims around pre-deployment evaluation of advanced AI systems.

Share:
Anthropic Leak Exposes Claude Mythos and Thousands of Internal Assets
Stay ahead

Get ahead of threats like this

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.

EVENT TIMELINE

How this story unfolded

4 events from the most recent confirmed update back to the earliest known activity.

4 EVENTS
Apr 7, 20263mo ago

Anthropic restricts Claude Mythos to 40 security organizations

Anthropic said it would not release Claude Mythos to the general public and instead limit access through Project Glasswing to 40 organizations for defensive cybersecurity work. The company cited Mythos's unusually strong vulnerability discovery and exploitation capabilities, and said participants would analyze their own systems and relevant open-source software and share findings with industry.

La IA m�s avanzada de Anthropic es tan peligrosa que, de momento, s�lo lo podr�n usar 40 organizaciones de seguridad | Tecnolog�a
Apr 3, 20263mo ago

Claude Code npm update exposes source map and full codebase archive

In a separate Anthropic exposure, a Claude Code npm package update accidentally included a source map that pointed to a cloud-hosted zip archive containing the full Claude Code codebase. The archive was quickly discovered and mirrored online, expanding scrutiny of Anthropic's internal release and development pipeline security.

Your AI Vendor's Worst Enemy Is Its Own Development Pipeline
Mar 27, 20263mo ago

Anthropic confirms Claude Mythos leak and early testing status

After the exposure was reported, Anthropic confirmed the accidental leak and acknowledged that Claude Mythos exists, describing it as its most capable model to date. The company said the model was being tested by early access customers and that the leaked draft materials characterized it as posing unprecedented cybersecurity risks in internal assessments.

Anthropic accidentally exposes internal Claude Mythos materials

Anthropic inadvertently left internal assets related to its unreleased Claude Mythos model publicly accessible due to a content management system configuration issue that failed to mark uploaded items as private. The exposure reportedly included nearly 3,000 unpublished assets, including draft posts, PDFs, images, and details about an exclusive CEO event.

LINKED ENTITIES

Related entities

Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.

30 LINKEDOpen in app
Affected products
2 linked
Claude CodeAzure
Organizations
25 linked
AnthropicRippleCisco SystemsNvidiaAmazon Web ServicesLinkedinPalo Alto NetworksMeta PlatformsCrowdStrikeOpenaiXAppleBroadcomLayerXMicrosoft CorporationGitHubWizJPMorgan ChaseFortuneGoogleMashableVice MediaFortune MediaResolvBittensor
Breaches
3 linked
ANTHROPIC-2026-04MICROSOFT-2020-07META-2026-04
The operational view lives in Mallory

See the full picture, correlated to your attack surface.

This page covers what’s public. Mallory adds the parts that aren’t — which of your assets are affected, which threat actors are using it right now, which detections to deploy, and what to do next.
Exposure mapping

Map indicators from this story to your assets and identify affected systems in minutes.

Threat actor evidence

Every observed campaign, victim, and pivot linked to actors named in this story.

Associated malware

Malware, exploits, and IOCs connected to the activity described here.

Detection signatures

YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.

Scheduled alerts

Get matching new stories delivered to your team as they break — not the next morning.

AI threads

Ask questions about this story and take action on the answers.