$340 billion Anthropic that wiped trillions from stock market worldwide has source code of its most-impor - The Times of India

Detailed Analysis

Anthropic, the AI safety company behind the Claude family of models, found itself at the center of two significant security incidents involving the inadvertent public exposure of proprietary source code. The primary leak occurred when Claude Code — Anthropic's flagship agentic coding tool — had its source map file unintentionally bundled into a public npm package distribution, exposing approximately 2,200 files and roughly 30 megabytes of TypeScript source code. A separate, earlier incident in the same week surfaced nearly 3,000 additional files, including an internal draft blog post referencing an upcoming model referred to internally by the codenames "Mythos" and "Capybara," which Anthropic employees described in the leaked documents as "by far the most powerful AI model we've ever developed." Anthropic confirmed the incidents but has not publicly disclosed comprehensive remediation steps.

The security implications of the Claude Code leak extend well beyond reputational damage. Researchers noted that the exposed source maps would allow competitors to reverse-engineer the architecture of Anthropic's agentic harness — the underlying scaffolding that allows Claude to plan, execute, and iterate on complex multi-step coding tasks. More critically, investigators warned that certain internal systems may remain accessible without proper authentication credentials, a vulnerability that raises the specter of exploitation by sophisticated nation-state actors. The combination of proprietary algorithmic exposure and potential unauthorized system access represents a compounded risk that places the leak in a different category from typical corporate data breaches.

The timing of these incidents coincides with a period of extraordinary market turbulence attributable in part to Anthropic's product releases. The company's automation tooling, including updates to its Cowork platform and Claude Code's security capabilities, triggered a reported $285 billion stock rout across software, financial services, and asset management sectors, as investors recalibrated the revenue prospects of incumbent enterprise software firms facing AI-driven disruption. Cybersecurity stocks were similarly pressured by Claude Code's security-focused updates. This pattern — where a single AI lab's product announcements measurably redistribute hundreds of billions of dollars in market capitalization — reflects how acutely financial markets are now pricing the competitive threat of frontier AI tools against legacy software categories.

Despite the security incidents and market disruption, Anthropic's own valuation trajectory has moved sharply in the opposite direction. The company's implied valuation climbed from approximately $350 billion in February 2026 to over $800 billion in subsequent investor offers, suggesting that private markets are interpreting the company's product velocity and technical capability — evidenced even by the leaked materials — as net positives for long-term enterprise value. The leaked "Mythos" model documentation, which described capabilities that internal staff characterized in superlatives, may have paradoxically reinforced investor confidence by offering an unsolicited preview of the company's forthcoming technical roadmap.

The dual leak incidents illuminate a structural tension that increasingly defines the frontier AI industry: the pressure to ship rapidly and distribute tools broadly through standard developer infrastructure, such as public npm registries, creates meaningful attack surface at precisely the moment when the competitive and geopolitical stakes of AI source code have never been higher. For Anthropic, a company that has positioned safety and deliberate governance as central to its identity, the failure to scrub source maps from a public package release underscores that operational security practices have not yet scaled commensurately with the company's technical ambitions and market influence. The broader industry will likely treat this episode as a cautionary data point as AI labs navigate the tension between open developer ecosystems and the protection of increasingly consequential intellectual property.