Anthropic thwarts a cyberattack planned by AI
Anthropic has disrupted what it considers the first AI-driven cyber espionage campaign, after attackers used Claude Code in an effort to breach dozens of organizations. The model carried out 80–90% of the attack work on its own.
The specifics:
The September 2025 operation targeted roughly thirty organizations, including government agencies, financial institutions, chemical manufacturers, and IT companies.
Anthropic assessed with "high confidence" that the threat actor was a Chinese state-sponsored group making "unprecedented" use of AI's agentic capabilities.
The attackers deceived Claude by posing as security researchers conducting authorized testing and by splitting malicious tasks into smaller, seemingly innocent requests.
The attacks required little human oversight beyond approval at strategic points, a significant escalation from the "vibe hacking" Anthropic reported in June.
According to Anthropic, this is the "first documented case of a large-scale cyberattack executed without substantial human intervention," and AI's agentic capabilities mean threats are evolving and scaling faster than before. Enterprise security worldwide likely needs a significant overhaul, even though those same AI capabilities can help prevent such attacks.