Anthropic leak raises AI‑cyber alarms

Cybersecurity researchers Roy Paz of LayerX and Alexandre Pauwels of the University of Cambridge discovered roughly 3,000 unpublished Anthropic assets in an unsecured, publicly searchable data cache tied to the company’s blog. (theoutpost.ai) Fortune reviewed the exposed drafts on March 26, 2026, after which Anthropic removed public search access and attributed the exposure to a “human error” in its content‑management configuration. (tech.yahoo.com) Leaked internal text describes Claude Mythos as a “step change” and “the most capable we’ve built to date,” and the cache includes references to a new top tier codenamed “Capybara” positioned above the Opus series. (tech.yahoo.com) (help.apiyi.com) Tokio Marine HCC’s head of cyber, Xavier Marguinaud, warned insurers that AI‑driven attacks could produce “risk clustering” across shared digital infrastructure, prompting firms to reassess aggregation exposure models. (insurancebusinessmag.com) At RSAC 2026 vendors demonstrated AI‑native detection and agentic response tools that promise to shrink investigations from hours to seconds, with SentinelOne, Saviynt, CrowdStrike and others unveiling agentic and identity‑centric offerings on the show floor. (channelinsider.com) (crn.com) Frontline threat intelligence shows the operational picture accelerating: CrowdStrike’s 2026 Global Threat Report says AI‑enabled adversaries rose 89% year‑over‑year while average eCrime breakout time fell to 29 minutes (fastest recorded breakout 27 seconds). (crowdstrike.com) GovInfoSecurity and vendor reports meanwhile highlight a surge in credential‑based attacks, and Thales reports credential theft now drives roughly 67% of cloud infrastructure compromises. (govinfosecurity.com) (cpl.thalesgroup.com) Bankers and investors are paying attention: The Information reports Anthropic has discussed a possible Q4 2026 IPO and has been pitched potential valuations as high as $60 billion by advisors. (theinformation.com)