US cybersecurity stocks slide on leaked details of new Anthropic AI model

(Sharecast News) - US cybersecurity stocks tumbled on Friday after a data leak exposed draft documents related to a new AI model being tested by Anthropic.

Fortune reported on Thursday that US AI start-up Anthropic had accidentally leaked details of an upcoming model release - its most powerful yet - an exclusive CEO event, and other internal data.

Fortune said the information was made accessible through the company's content management system (CMS), which is used by Anthropic to publish information to sections of its website.

In total, there were about 3,000 assets linked to Anthropic's blog that had not previously been published to the company's public-facing news or research sites that were nonetheless publicly-accessible in this data cache, according to Alexandre Pauwels, a cybersecurity researcher at the University of Cambridge, asked by Fortune to assess and review the material.

Fortune said that after it informed Anthropic of the issue on Thursday, the company took steps to secure the data so that it was no longer publicly accessible.

The leaked draft describes Claude Mythos under the product name 'Capybara'.

The company currently offers models in three tiers: Opus (most capable), Sonnet (faster and cheaper), and Haiku (smallest and fastest). Capybara would be above all three and more expensive.

Berenberg said in a research note that Capybara is expected to deliver incremental advances in reasoning, coding, and cybersecurity capabilities.

News of the new model sent US cybersecurity stocks sliding and by 1515 GMT, CrowdStrike was down 5.4%, while Palo Alto Networks and Zscaler were down 5.5% and 5.6%, respectively. Tenable was 8.3% lower and Netskope was off 6.3%.

Berenberg said that while there is no official confirmation from Anthropic, the functionality being discussed is not new in principle.

"Claude already incorporates security-aware coding capabilities (e.g. Claude Code Security), which aim to identify and remediate vulnerabilities during the code development process," it said. "These capabilities fall under application security (AppSec) - i.e. helping developers write more secure code and reducing the introduction of vulnerabilities at source.

"In plain English, Anthropic Claude Security helps developers write more secure code so vulnerabilities (security gaps) do not exist in the first place (when building code). This is a relatively small sub-segment within the broader cybersecurity domain, with circa 1.2% of the total addressable market."

Berenberg said it is critical to distinguish between vulnerabilities and runtime security.

"For example, Palo Alto Networks firewalls protect the infrastructure/environment where that code runs. Runtime security is what organisations use to protect data centres, infrastructure, endpoints, and networking.

"While it is not positive for some names (e.g. Tenable, Qualys, Rapid7 that operate in vulnerability management), the broader cybersecurity market sell-off is harsh in our view."