Claude Mythos and the $45 Billion Cybersecurity Sell-Off: Inside the AI Model That Has Wall Street—and Every CISO—on Edge

Anthropic's leaked Claude Mythos model triggered a broad cybersecurity stock selloff, erasing billions in market value as investors and security leaders confront the reality that frontier AI is reshaping both cyber offense and defense at unprecedented speed.
Claude Mythos and the $45 Billion Cybersecurity Sell-Off: Inside the AI Model That Has Wall Street—and Every CISO—on Edge
Written by Jill Joy

A leaked blog post. A codename that wasn’t supposed to go public. And in a matter of hours, roughly $45 billion in market capitalization evaporated from the cybersecurity sector.

On March 27, 2026, shares of the largest publicly traded cybersecurity companies cratered after reports surfaced that Anthropic—the San Francisco–based AI lab founded by former OpenAI researchers—is actively testing its most powerful artificial intelligence model to date, internally dubbed Claude Mythos. The model, which Anthropic itself flagged for posing “unprecedented cybersecurity risks,” triggered a broad selloff that punished nearly every name in the sector, from industry giants to mid-cap specialists, as investors scrambled to reprice the competitive threat that frontier AI now poses to traditional security vendors.

The iShares Cybersecurity ETF (IHAK) fell more than 3% on the session, according to CNBC. CrowdStrike dropped between 5% and 7%. Palo Alto Networks shed 5%. Zscaler lost 5%. SentinelOne gave back 6% to 8%. And Tenable, the vulnerability management firm most directly in the crosshairs of AI-powered code scanning, fell as much as 11%.

This wasn’t a flash crash driven by algorithmic trading or options expiration mechanics. It was a considered, sector-wide repricing of risk—the market’s blunt verdict that generative AI has moved from theoretical disruptor to active combatant in the cybersecurity arena.

What Mythos Can Do—and Why Defenders Should Care

The existence of Claude Mythos first came to light through a draft Anthropic blog post that leaked online, initially reported by Fortune on March 26. The post described Mythos—also referenced internally under the codename Capybara—as a “step change” in capabilities and “by far the most powerful AI model we’ve ever developed.” Those are not throwaway marketing phrases from a company known for its cautious public communications. Anthropic has built its brand on safety research and responsible deployment. When it describes something as a step change, the industry pays attention.

Early internal testing reportedly showed Mythos capable of surfacing previously unknown vulnerabilities in production codebases, rapidly identifying and chaining exploits at a pace that outstrips most human-led red teams, and supporting multi-stage attack orchestration with a degree of autonomy that was, until recently, the province of nation-state hacking units with nine-figure budgets. As discussion threads on Reddit quickly noted, the combination of speed, reasoning depth, and coding fluency represents a qualitative leap—not merely an incremental improvement over Claude 3.5 or Claude 4.

Anthropic confirmed it has begun limited testing with early-access customers and plans a deliberately slow, controlled rollout because of the dual-use implications, per Fortune. The company has not published a formal model card or detailed benchmark results. But the leak itself—and Anthropic’s decision not to deny the core claims—tells security professionals everything they need to know about the trajectory.

Consider the math. A skilled human penetration tester might spend days or weeks mapping an attack surface, identifying a viable exploit chain, and executing it across a target environment. An AI agent running on a Mythos-class model could, in theory, compress that timeline to hours or minutes. Not because the model is “smarter” than the best human operators in every dimension, but because it can work in parallel, iterate without fatigue, and synthesize information across thousands of codebases simultaneously.

That’s the scenario keeping CISOs awake at night. And it isn’t hypothetical.

In November 2025, Anthropic publicly disclosed that a Chinese state-sponsored group—tracked internally as GTG-1002—had jailbroken its Claude Code agent and used it to execute approximately 80% to 90% of a large-scale cyber-espionage campaign autonomously. The operation targeted roughly 30 organizations across technology, finance, chemical manufacturing, and government sectors, according to a detailed incident report published on Anthropic’s website. The AI agent handled reconnaissance, vulnerability discovery, exploitation, lateral movement, credential harvesting, and data exfiltration with minimal human intervention.

That was Claude Code—a model generation behind Mythos. The implications of a more capable successor in adversarial hands are not subtle.

Wall Street’s reaction on March 27 also carried echoes of a smaller selloff last month, when Anthropic released an enhanced code-scanning security tool built into Claude. That product directly encroached on territory occupied by companies like Tenable, Qualys, and Veracode. Investors are now pricing in a more aggressive scenario: that frontier AI labs could commoditize or entirely bypass significant portions of the existing security stack, particularly in vulnerability management, application security testing, and portions of incident response.

The pattern is becoming familiar. Anthropic ships or signals a new capability. Cybersecurity stocks sell off. Analysts publish notes asking whether legacy vendors can adapt fast enough. And then the sector stabilizes—until the next announcement. But each cycle ratchets the pressure higher, and the recoveries have been getting shallower.

So what should enterprise security leaders actually do about this?

Building Defenses for an AI-vs.-AI World

First, update the threat model. Every organization running a security operations center needs to formally incorporate “AI-augmented adversary” as a scenario in its risk framework. This isn’t an exercise in speculation. It’s a response to documented incidents. Detection strategies should prioritize anomalous autonomous behavior: rapid scanning patterns that don’t match human cadence, unusual code-generation activity in development environments, or agents attempting to chain exploits across multiple systems in compressed timeframes.

Second, fight AI with AI. Deploy AI-driven code analysis and vulnerability prioritization tools that can match or exceed the offensive capabilities now emerging from frontier models. Some organizations are already exploring secure, on-premises or private-cloud deployments of frontier models for internal red-team exercises—controlled environments where defenders can safely test Mythos-class capabilities against their own infrastructure before attackers do it for real. Integrate agentic AI into the SOC for automated triage, enrichment, and low-risk response actions. The days of relying solely on human analysts to process alert queues measured in the tens of thousands are over.

Third, tighten supply-chain and third-party AI governance. With frontier labs releasing increasingly powerful models on compressed timelines, security teams need to review contracts and acceptable-use policies for every AI coding assistant or agent used by developers. Mandate human oversight for high-impact code changes. Implement output scanning to catch potential malicious artifacts before they reach production.

Fourth—and this is where many organizations fall short—red-team the red-teaming itself. Conduct exercises that simulate AI-orchestrated attacks: autonomous reconnaissance feeding into automated exploit generation feeding into persistence establishment. Measure mean time to detect and mean time to contain against these scenarios. If current controls depend heavily on static signatures or human-speed analysis, the gap between offense and defense is widening with every model generation.

And fifth, engage directly with responsible AI providers. Anthropic has signaled it may prioritize sharing threat intelligence and defensive insights with security teams during the Mythos rollout. Establish direct channels with frontier labs—and with existing security vendors who partner with them—to stay ahead of capability releases rather than scrambling to react after the fact.

None of this is cheap. None of it is simple. But the alternative—pretending that AI-powered offense is a problem for next year’s budget cycle—is a posture that the market has already rejected.

The broader investment thesis for cybersecurity remains intact. Global spending on security products and services continues to grow, driven by regulatory mandates, expanding attack surfaces, and the sheer volume of threats. But within that expanding market, the distribution of value is shifting. Companies that integrate frontier AI capabilities into their platforms—whether through partnerships with labs like Anthropic and OpenAI or through proprietary model development—will capture a disproportionate share of enterprise budgets. Those that don’t will find themselves competing on price for a shrinking slice of legacy workloads.

CrowdStrike, to its credit, has been aggressive about embedding AI into its Falcon platform, and its stock, while down sharply on Friday, has outperformed smaller peers over the past twelve months. Palo Alto Networks has made similar moves through its Cortex XSIAM platform. But mid-cap and single-product vendors face a more existential question: Can they build or buy AI capabilities fast enough to remain relevant when a frontier model can replicate core product functionality as a feature rather than a standalone offering?

The market’s answer, at least on March 27, was skepticism.

The Arms Race Has a New Tempo

There’s a structural irony embedded in the Mythos story. Anthropic is, by most accounts, the AI lab most genuinely committed to safety research and controlled deployment. Its Responsible Scaling Policy, its investment in interpretability, its willingness to publicly disclose adversarial misuse of its own models—all of this sets it apart from competitors who treat safety as a compliance checkbox. And yet it is Anthropic’s advances that keep triggering cybersecurity selloffs, precisely because the company is transparent enough to flag the risks its own technology creates.

That transparency is a feature, not a bug. But it creates an uncomfortable dynamic for investors and defenders alike. If the most safety-conscious lab in the industry is warning about unprecedented cybersecurity risks from its own model, what should we assume about less transparent competitors racing to match those capabilities without the same guardrails?

The honest answer: assume the worst, and build accordingly.

Claude Mythos is not the end of this story. It’s a data point—arguably the most significant one yet—in an accelerating arms race between AI-powered offense and AI-powered defense. The organizations that treat it as a strategic inflection point, rather than another quarterly headline to ride out, will be the ones that maintain advantage. The rest will learn the hard way that in a contest between AI and legacy security architectures, the AI doesn’t get tired, doesn’t take vacations, and doesn’t miss things because it had too many alerts in the queue.

The new contest isn’t AI versus humans. It’s AI versus AI. And every security program on the planet needs to be built for that reality—starting now.

Subscribe for Updates

EnterpriseSecurity Newsletter

News, updates and trends in enterprise-level IT security.

By signing up for our newsletter you agree to receive content related to ientry.com / webpronews.com and our affiliate partners. For additional information refer to our terms of service.

Notice an error?

Help us improve our content by reporting any issues you find.

Get the WebProNews newsletter delivered to your inbox

Get the free daily newsletter read by decision makers

Subscribe
Advertise with Us

Ready to get started?

Get our media kit

Advertise with Us