This is a developing story. NCT previously covered the Mythos data leak here.

Cybersecurity stocks sold off sharply on Friday after reports emerged that Anthropic is testing a new AI model with offensive cyber capabilities the company itself considers dangerous. The iShares Cybersecurity ETF (IHAK) lost 4.5%, while individual names took heavier hits: Tenable dropped 9%, Okta and Netskope each fell more than 7%, and CrowdStrike, Palo Alto Networks, Zscaler, and SentinelOne all declined roughly 6%, according to CNBC.

Bloomberg confirmed the selloff, attributing it to investor concern that a sufficiently advanced AI model could be used to bypass existing cyber defenses at scale.

What Triggered the Selloff

The catalyst was Fortune’s Thursday exclusive reporting that a data leak from Anthropic’s content management system exposed draft announcements for Claude Mythos, a new model tier called “Capybara” that sits above Opus. Anthropic confirmed the model’s existence to Fortune, calling it “a step change” and “the most capable we’ve built to date.”

The detail that spooked markets: Anthropic’s own draft described Mythos as “currently far ahead of any other AI model in cyber capabilities,” capable of discovering and exploiting vulnerabilities faster than human security teams. Anthropic structured the entire early rollout around this concern, giving select cybersecurity organizations first access so defenders can harden their systems before broader availability.

The Times of India framed the situation bluntly: Anthropic is “refusing” to release the most powerful AI model it has ever developed.

A Pattern for Cybersecurity Stocks

This is the second time in a month that Anthropic-related news has hit cybersecurity equities. In February, cyber stocks fell after Anthropic announced a code-scanning security tool for Claude, according to CNBC. The recurring selloff pattern suggests investors are pricing in a structural concern: that AI capabilities are advancing faster than the defensive tools built to contain them.

Anthropic disclosed in November 2025 that a Chinese state-sponsored group had used Claude to automate a cyberattack, demonstrating that the offensive use case is not theoretical.

What This Means for Agent Builders

For anyone running autonomous agents in production, the Mythos market reaction is a concrete signal. If a model capable of autonomous vulnerability discovery and exploitation exists at Anthropic, the assumption that current agent security frameworks provide adequate protection faces a timeline problem. Agent infrastructure secured against today’s threat models may need to be re-evaluated against capabilities that Anthropic’s own engineers consider a step change.

The cybersecurity vendors whose stocks dropped Friday are the same companies selling the tools that enterprises use to secure agent deployments: endpoint detection (CrowdStrike, SentinelOne), network security (Palo Alto, Zscaler), identity management (Okta), and vulnerability management (Tenable). A model that can find and exploit vulnerabilities faster than these tools can patch them compresses the window between disclosure and breach in ways that current response architectures are not designed to handle.

Anthropic did not respond to CNBC’s request for comment on Friday.