Anthropic Unveils Claude Mythos for High Stakes Enterprise AI 

Anthropic Unveils Claude Mythos for High Stakes Enterprise AI 

Anthropic has created a new flagship AI model, Claude Mythos, also known as Capybara. This model aims to outperform Claude Opus. A March 2026 leak revealed that it targets enterprises that need advanced reasoning, software engineering, and cybersecurity. The leak raised concerns about AI-driven threats.  

Key Features Of Claude Mythos 

  • Anthropic sees my thoughts as a major leap in AI, not just a small improvement. It stands above the current Claude opus.  
  • Mythos scores higher in encoding and academic reasoning. It excels at identifying vulnerabilities.  
  • High-stakes application-focused mythos is designed for areas where errors can be costly, such as financial modeling, scientific research, and complex legal work.  
  • Advanced reasoning. My COS is designed to handle complex reasoning and better understand large code bases, making it more useful for enterprise developers.  

Cybersecurity Risks and Wait-and-See Rollout 

Anthropic’s tests showed that Mythos could assist in cyberattacks that exceed current AI safety limits.  

  • Anthropic bond Mythos could exploit vulnerabilities faster than defenders can respond.  
  • Due to risks, Anthropic is cautious. Early access goes only to a few cybersecurity defenders. This helps them strengthen codebases before a wider launch.  
  • After the leak, stocks like CrowdStrike and Palo Alto Networks fell by over 5%. Investors expected big changes in security.  

Status and Context 

  • As of late March 2026, my thaw remains in internal and early testing. No public release date is set.  
  • Details leaked when draft blog posts were left in a public data cache. Anthropic blamed human error in their CMS. Setup  

Mythos is expected to compete directly in the intense AI market, especially with new advanced models from companies like OpenAI.  

A mistake in Anthropic PVC’s content management system revealed that the company is testing a new large language model called Claude Mythos.  

Andropic confirmed the project in a statement to Fortune on Thursday. The company said its machine learning engineering team has completed model training for Claude Mythos and has begun closed beta testing, providing the system to selected early customer partners. Anthropic described Claude Mythos as the most capable language model we’ve built to date, citing its natural language understanding and code-generation capabilities.  

My thoughts were uncovered after the accidental publication of a CMS folder containing 3,000 model-related assets. The folder included deployment scripts and a draft launch blog post. Fortune reports that the draft indicates the new large language model will be priced in a higher tier than Anthropic’s existing models, reflecting increased computational costs.  

The blog post also revealed that Anthropic will modify its approach to offering LLMs. Currently, Claude 4.6 is available in three versions, each with different features and prices. With the launch of Claude Mythos, Anthropic will introduce a fourth perk product on top of the existing tiers, expanding its offerings.  

The new Claude Mythos LLM is anticipated to achieve opus-Anthropis’s current most advanced model in both computational power and linguistic performance. The draft blog post refers to the launch variant as Capybara. Anthropic’s internal technical evaluations state that Capybara yields significantly higher accuracy on programming and logic benchmarks than Claude 4.6 Opus.  

Internal testing shows that Capybara excels at detecting cybersecurity vulnerabilities in codebases. As a result, Anthropic intends to implement model access restrictions and security auditing procedures to prevent unauthorized use by potential attackers.  

According to the draft, the post model presages an upcoming wave of models that can exploit vulnerabilities far more effectively than defenders can defend against them. The post also states we’re releasing it in early access to organizations, giving them a head start in improving the robustness of their code bases against the impending wave of AI-powered exploits.  

After the news broke, shares of CrowdStrike Holdings, Inc., Palo Alto Networks, Inc., and other major cybersecurity companies fell more than 5%. Investors expressed concern that Capibara could gain an edge in the vulnerability detection market. Just last month, Anthropic entered this market by launching a tool called Claude Code Security.  

The disclosure of Claude Mythos comes a few days after word emerged that OpenAI Group PBC has finished pre-training its new LLM. Pre-training is the phase of the development workflow in which engineers build a model’s core capabilities. It’s followed by smaller optimizations that focus on improving the LLM’s hardware efficiency, safety, and usability.  

OpenAI’s new model is reportedly known as SPUD internally. The company is expected to launch it within the next few weeks.  

Source:  Anthropic to launch new ‘Claude Mythos’ model with advanced reasoning features  

Microsoft RSAC alert: AI Evolves from Tool to Cyber-attack Surface. 

Microsoft RSAC alert: AI Evolves from Tool to Cyber-attack Surface. 

Over the past year, the main topic at the intersection of AI and cybersecurity has been speed. While speed is important, it is not the biggest change in today’s threat landscape. Threat actors, from nation-states to cybercrime groups, now use AI to plan, refine, and maintain their cyberattacks. Their goals remain the same, but the pace, repetition, and scale of AI-powered attacks raise the stakes.  

Still, just like defenders, most attackers today have a human involved, not fully autonomous AI running the show. AI is making every stage of the attack process easier, helping attackers research faster, write more convincing vectors, create malware, and sort through stolen data. Security leaders I met at RSAC 2026 this week are now shifting their resources and strategies to stay ahead of these changes.  

The Operational Reality: Embedded, Not Emerging 

The scale of current threats is too big to ignore. VC activity in every region. The United States accounts for almost 25% of what we have, with the United Kingdom, Israel, and Germany following. The volume reflects real economic and geopolitical factors.  

The major shift isn’t location but attackers’ methods; they use AI throughout their processfrom information gathering to malware development and post-breach actions. Stealing credentials, making money, or spying remain the aims, but attacks are now more precise, persistent, and larger in scale.  

Email Is Still the Fastest Inroad 

Email is still the quickest and most affordable way for attackers to get in. What’s different now is how much better AI makes the messages that trick people into clicking.  

With AI in phishing campaigns, click-through rates have jumped to 54% from about 12% with older methods, resulting in a 450% boost in effectiveness. Not because there are more emails, but because the messages are more precise. AI helps attackers fine-tune content and adjust messages for certain roles, making it easier to trick people. When this improved targeting is paired with tools that implement multi-factor authentication (MFA), phishing becomes more resilient, more focused, and much harder to stop on a large scale.  

A450% jump in click-through rates redefines organizational risk, showing that AI enables not just more but better attacks.  

Tycoon2FA: What Industrial Scale Cybercrime Looks Like 

Tycoon 2FA shows how the group we call Storm-1747 has become more refined and resilient. Learning how this operation worked helps us see where threats are going. It also sparked discussions at RSSC 2026 about the broader ecosystem rather than just individual attackers.  

Typhoon 2FA was not a phishing kit; it was a subscription platform that generated tens of millions of phishing emails per month. It was linked to nearly 100,000compromised organizations since 2023. At its peak, it accounted for roughly 62% of all phishing incidents Microsoft blocked each month. This operation specializes in adversary-in-the-middle attacks aimed at defeating MFA. It intercepted credentials and session tokens in real time, allowing attackers to authenticate as legitimate users without triggering alerts even after passwords were reset.  

However, the bigger shift is in group organization. Storm 1747 used specialized services for fishing templates, infrastructure, and email sending. Access, sales, and creating an assembly-line–like approach to identity theft. Services could be mixed, scaled, and subscribed to as needed.  

This model has shifted the conversation. It’s no longer about one skilled attacker but about an entire ecosystem that makes access easier for anyone who joins in. That’s what AI is doing across the threat landscape giving advanced tools to everyone. Key takeaway: AI-driven ecosystems democratize attack capabilities for all threat actors.  

Disruption: Closing the Threat Intelligence Loop 

Earlier this month, our digital crimes unit, working with Europol and industry partners, took down Tycoon 2FA and seized 330 domains. But the real goal wasn’t just to remove websites; it was to put pressure on the supply chain. Today’s cybercrime relies on scalable service models that make it easier for more people to get involved. Identity is the main target, and bypassing MFA is now a standard feature. Shutting down one service forces attackers to adapt, and ongoing pressure breaks up their ecosystem. By hitting the financial side of a tax, we can change the landscape. Key takeaway: Disruption efforts should target criminal supply chains to reduce future risk.  

Every time we disrupt an attack, it generates a signal. The signal feeds intelligence. Each time we stop an attack, we get new information. The information enhances our intelligence, improving our detection. Better detection leads to faster responses. This is how we turn attacker actions into stronger defenses and how our efforts add up over time. Microsoft stands out because we can observe, act, and share intelligence at scale and we have a significant impact when we put it into practice. AI doesn’t appear in just one phase of an attack; it spans the entire life cycle. At RCC 2026, this week, I offered a frame to help defenders rank their response:  

  • In reconnaissance, AI accelerates infrastructure discovery and persona development, compressing the time between target selection and first contact.  
  • In resource development, AI generates forged documents, polishes, social engineering, narratives, and supports infrastructure at scale.  
  • For initial access, AI refines voice-overlays, deepfakes, and message customization using scraped data, producing lures that are increasingly difficult to distinguish from authentic communications.  
  • In persistence and evasion, AI scales fake identities and automates communication, preserving the attacker’s presence while blending into normal activity.  
  • In weaponization, AI enables malware development, payload regeneration, and real-time debugging, producing tooling that adapts to the victim’s environment rather than relying on static signatures.  
  • In post-compromise operations, AI adapts tooling to the specific victim environment and, in some cases, automates ransom negotiation.  

The goals remain: Dash stealing credentials, making money, and spying. What’s new is the pace and scale. Column attackers repeat and improve. Test and refine much more quickly. AI isn’t just enabling faster attacks; it’s making them better.  

What Comes Next 

During my sessions at RSSC 2026 this week, I discussed several key themes. That shows how AI is changing the threat landscape, a threat model. The scenarios we prepare for have changed. The barrier to launching sophisticated attacks has collapsed. What once required the resources of a nation-state or well-organized criminal enterprise is now available to a motivated individual with the right tools and the patience to use them. The techniques have not fundamentally changed; the precision, velocity, and volume have.  

The second theme is the software supply chain. It’s not only about compliance, you need to know what software and agents you have and how they behave. The agent ecosystem will soon be the most targeted part of any business. If organizations can’t answer basic questions about their software, they won’t be able to protect it.  

The third theme highlights the value of human talent in security operations using agency systems at scale. The traditional security analyst role is shifting from practitioner to orchestrator; talent models must catch up, and technology now helps prevent errors. Auditability of agent decisions is a governance standard, not just a goal. The future security operations center needs different defenders.  

Now is the time to guide with a clear strategy, set priorities, and build stronger accountability for agentic systems.  

If AI is present throughout the attack life cycle, our intelligence and defenses must be there too. Microsoft threat intelligence will continue to track, share, and act on what we see in real time. The patterns are clear, and the intelligence is available. Key takeaway: Ongoing monitoring and response are essential in the AI-driven threat landscape.  

To find out more about Microsoft security solutions, visit our website. You can also bookmark our security blog for security expert updates and follow us on LinkedIn (Microsoft Security) and X (@MSFTsecurity) for the latest cybersecurity news.

Source: Threat actor abuse of AI accelerates from tool to cyberattack surface