The story so far reads like something out of a bad thriller: a
misconfigured content management system, 3,000 unsecured documents, and
the accidental exposure of what Anthropic now confirms is the most
capable AI model it has ever built. Fortune broke the story last
Thursday. By Friday’s open, cybersecurity stocks were in free-fall.
CrowdStrike alone lost roughly $15 billion in market cap in a single
session. The catalyst wasn’t an earnings miss, a product failure, or
a CEO departure, it was a draft blog post sitting on an unsecured URL.
What is Mythos?
Claude Mythos — internally codenamed “Capybara” — is a new tier of
model that sits above Anthropic’s current flagship Opus line. The leaked
draft describes it as larger and more intelligent than anything the
company has shipped. Anthropic confirmed this much, calling it “a step
change” in reasoning, coding, and cybersecurity capabilities.
The key detail that spooked the market: the draft warns that Mythos
is “far ahead of any other AI model in cyber capabilities” and signals
an incoming generation of models that can find and exploit software
vulnerabilities faster than human defenders can patch them. Anthropic
itself is reportedly warning senior government officials that
large-scale AI-assisted cyberattacks become substantially more likely
this year.
The fear is that the new generation of models will have the capability to break the internet, or at least anything that needs to secure data.
Traditional cybersecurity vendors — CrowdStrike, Palo Alto, Zscaler,
Okta — command premium multiples because they sit on proprietary threat
telemetry and years of accumulated detection logic. If a general-purpose frontier model can replicate or
exceed that capability at scale, investors are right to question the
durability of those margins.
Raymond James analyst Adam Tindle outlined several risks worth
highlighting: compression of traditional defensive advantages, rising
attack complexity that pushes up the cost to defend, and the possibility
of wholesale shifts in how security budgets are allocated.
“We read this as having the potential to become the ultimate hacking
tool, and one that can elevate any ordinary hacker into a nation-state
adversary,” Stifel analyst Adam Borg in a research note on Friday.
The other side of the trade — and the bull case for spending — is that
this forces enterprises to modernize their defences immediately. The big cybersecurity names have also been given early looks at Mythos to both prepare and evaluate what they find. Ultimately, it could add to their moat and a big reason for the major bounce in security stocks today is that Palo Alto Networks CEO Nikesh Arora bought $10m in shares last week.
PANW stock daily
Here’s where it gets more interesting from a cross-asset perspective.
Mythos doesn’t land in isolation. It lands in a market that is already
trying to reprice the velocity of AI disruption across all of software.
For macro traders, the AI capex cycle is the other thread to pull.
Mythos is described as extremely compute-intensive and expensive to run —
Anthropic says it’s working on efficiency before any broad release.
That’s bullish for the picks-and-shovels trade: NVDA, the hyperscalers,
power infrastructure. If the next generation of models requires
substantially more compute, the capital spending cycle has further to
run even as the downstream beneficiaries face disruption.
We also can’t ignore the geopolitical overlay. Anthropic has been
blacklisted by the Trump administration after setting limits on military
use of its models, and is now in litigation with the federal
government. Mythos arriving during that standoff is a complication. If
the model is genuinely as powerful in offensive cyber capabilities as
described, the question of who gets access — and who doesn’t — becomes a
national security issue.
The competitive angle
OpenAI reportedly finished pre-training its own frontier model,
codenamed “Spud,” around the same time this leak hit. Both companies are
reportedly positioning for IPOs later this year. The timing of the
Mythos leak — whether genuinely accidental or not — couldn’t be more
combustible. This is going to be a theme for the rest of 2026: frontier
AI labs racing to demonstrate capability while trying to manage the
political and regulatory consequences of that capability.
The immediate question is how cybersecurity names trade this week as
the story matures. Friday’s sell-off was indiscriminate but the bounce today has been equally large.
Longer term, watch for three things:
First, Anthropic’s release timeline. They’ve said they’re giving
cyber defence organisations early access before any general
availability. How long that staged rollout takes matters enormously for
how fast the threat landscape actually shifts.
Second, the policy response. If Anthropic is genuinely warning
officials that Mythos makes large-scale attacks more likely, there is
going to be pressure for export controls, access restrictions, or some
form of licensing regime for frontier cyber models. That’s a new
regulatory risk for the entire AI sector.
Finally, there has been no shortage of hype around a ‘step change’ in models and we’ve seen it so many times before. But if it’s true and we are getting a new generation of truly superior models, that further extends the ceiling of what AI can do and how disruptive it is for the economy, and ultimately, how useful it will be.
