Anthropic Built a New AI Tier Because Mythos Doesn't Fit in the Existing One

What Anthropic Accidentally Told the World

On March 26, 2026, Anthropic misconfigured a CMS and briefly exposed roughly 3,000 internal assets to the internet. One of them was a draft blog post describing Claude Mythos.

They patched it quickly. Twelve days later, the official announcement dropped. By then, the AI security community already knew this was not a normal release.

The specs: 10 trillion parameters. A new classification tier called Capiara , above Opus, requiring a new hierarchy level because the existing one had no room for what Mythos represents. A 244-page system card. Mixture of Experts architecture.

The benchmark gap is not a gap. It is a canyon.

SWE-Bench Pro: GPT-5.4 and Opus 4.6 cluster near 57-58%. Mythos: 77.8%. That is a 20-point lead. USAMO 2026 math competition: Opus 4.6 scores 42.3%. Mythos: 97.6%. That is a different species, not a better version of the same thing.

What It Found in 30 Days

Mythos scanned more than 1,000 core open-source projects that power the internet in Project Glasswing. 10,000-plus critical vulnerabilities found. 90.6% true-positive rate , better than human security researchers.

Cloudflare: 2,000 vulnerabilities found. Firefox 150: 271 critical patches in one deployment , 10 times more than the previous model found. OpenBSD: Mythos surfaced a 27-year-old hidden bug and built a complete exploit chain. Without human help.

The UK AI Safety Institute tested it on their dual-network challenge , the hardest adversarial benchmark they run. Mythos is the first AI model in the world to beat it end-to-end.

At a partner bank, Mythos stopped a $1.5 million wire fraud attempt in real time. Detecting AI voice cloning, compromised email accounts, and anomalous patterns simultaneously.

Of the 1,129 vulnerabilities submitted to open-source maintainers so far, 75 have been patched. Human programmers take roughly two weeks per fix. Mythos finds them in seconds.

The bottleneck has permanently shifted. It is no longer discovery. It is patching.

Why Anthropic Is Not Releasing It

The 244-page system card contains language that Anthropic chose not to minimise. The cybersecurity capabilities section describes Mythos as "capable of exploiting vulnerabilities in ways that far outpaced the efforts of defenders."

That was not marketing. That was their own security assessment of their own model.

Anthropic built a new classification tier because Capiara-level capability does not fit on the existing scale. They are not releasing Mythos until stronger safeguards are in place , and they actually believe their own rhetoric about why that matters.

Users are already spotting "Mythos 1" strings in Claude Code source code. The rollout is happening. It is just not happening all at once.

"It felt like watching an F-22 fighter jet fly overhead while holding a spear." That was a beta tester describing Mythos versus human security researchers. Not a marketing team. A person who does this work and had just watched something do it better than them by an order of magnitude.