Cybersecurity has been reshaped by the rapid rise of advanced artificial intelligence tools, and recent incidents show just how quickly the threat landscape is shifting.
Over the past year, we’ve seen a surge in attacks powered by AI models that can write code, scan networks and automate complex tasks. This capability has helped defenders, but it has also enabled attackers who are moving faster than before.
The latest example is a major cyberespionage campaign conducted by a Chinese state-linked group that used Anthropic’s Claude to carry out large parts of an attack with very little human involvement.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter
In mid-September 2025, Anthropic investigators spotted unusual behavior that eventually revealed a coordinated and well-resourced campaign. The threat actor, assessed with high confidence as a Chinese state-sponsored group, had used Claude Code to target roughly thirty organizations worldwide. The list included major tech firms, financial institutions, chemical manufacturers and government bodies. A small number of those attempts resulted in successful breaches.
HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE
Claude handled most of the operation autonomously, triggering thousands of requests and generating detailed documentation of the attack for future use. (Kurt "CyberGuy" Knutsson)
This was not a typical intrusion. The attackers built a framework that let Claude act as an autonomous operator. Instead of asking the model to help, they tasked it with executing most of the attack. Claude inspected systems, mapped out internal infrastructure and flagged databases worth targeting. The speed was unlike anything a human team could replicate.
To get around Claude’s safety rules, the attackers broke their plan into tiny, innocent-looking steps. They also told the model it was part of a legitimate cybersecurity team performing defensive testing. Anthropic later noted that the attackers didn’t simply hand tasks to Claude; they engineered the operation to make the model believe it was performing authorized pentesting work, splitting the attack into harmless-looking pieces and using multiple jailbreak techniques to push past its safeguards. Once inside, Claude researched vulnerabilities, wrote custom exploits, harvested credentials and expanded access. It worked through these steps with little supervision and reported back only when it needed human approval for major decisions.
The model also handled the data extraction. It collected sensitive information, sorted it by value and identified high-privilege accounts. It even created backdoors for future use. In the final stage, Claude generated detailed documentation of what it had done. This included stolen credentials, systems analyzed and notes that could guide future operations.
Across the entire campaign, investigators estimate that Claude performed around eighty to ninety percent of the work. Human operators stepped in only a handful of times. At its peak, the AI triggered thousands of requests, often multiple per second, a pace still far beyond what any human team could achieve. Although it occasionally hallucinated credentials or misread public data as secret, those errors underscored that fully autonomous cyberattacks still face limitations, even when an AI model handles the majority of the work.
This campaign shows how much the barrier to high-end cyberattacks has dropped. A group with far fewer resources could now attempt something similar by leaning on an autonomous AI agent to do the heavy lifting. Tasks that once required years of expertise can now be automated by a model that understands context, writes code and uses external tools without direct oversight.
Earlier incidents documented AI misuse, but humans were still steering every step. This case is different. The attackers needed very little involvement once the system was in motion. And while the investigation focused on usage within Claude, researchers believe similar activity is happening across other advanced models, which might include Google Gemini, OpenAI’s ChatGPT or Musk’s Grok.
This raises a difficult question. If these systems can be misused so easily, why continue building them? According to researchers, the same capabilities that make AI dangerous are also what make it essential for defense. During this incident, Anthropic’s own team used Claude to analyze the flood of logs, signals and data their investigation uncovered. That level of support will matter even more as threats grow.
We reached out to Anthropic for comment, but did not hear back before our deadline.
Hackers used Claude to map networks, scan systems, and identify high-value databases in a fraction of the time human attackers would need. (Kurt "CyberGuy" Knutsson)
FORMER GOOGLE CEO WARNS AI SYSTEMS CAN BE HACKED TO BECOME EXTREMELY DANGEROUS WEAPONS
You may not be the direct target of a state-sponsored campaign, but many of the same techniques trickle down to everyday scams, credential theft and account takeovers. Here are seven detailed steps you can take to stay safer.
Strong antivirus software does more than scan for known malware. It looks for suspicious patterns, blocked connections and abnormal system behavior. This is important because AI-driven attacks can generate new code quickly, which means traditional signature-based detection is no longer enough.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
A good password manager helps you create long, random passwords for every service you use. This matters because AI can generate and test password variations at high speed. Using the same password across accounts can turn a single leak into a full compromise.
Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com
A large part of modern cyberattacks begins with publicly available information. Attackers often gather email addresses, phone numbers, old passwords and personal details from data broker sites. AI tools make this even easier, since they can scrape and analyze huge datasets in seconds. A personal data removal service helps clear your information from these broker sites so you are harder to profile or target.
FAKE CHATGPT APPS ARE HIJACKING YOUR PHONE WITHOUT YOU KNOWING
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com
Strong passwords alone are not enough when attackers can steal credentials through malware, phishing pages or automated scripts. Two-factor authentication adds a serious roadblock. Use app-based codes or hardware keys instead of SMS. While no method is perfect, this extra layer often stops unauthorized logins even when attackers have your password.
Attackers rely heavily on known vulnerabilities that people forget or ignore. System updates patch these flaws and close off entry points that attackers use to break in. Enable automatic updates on your phone, laptop, router and the apps you use most. If an update looks optional, treat it as important anyway, because many companies downplay security fixes in their release notes.
Malicious apps are one of the easiest ways attackers get inside your device. Stick to official app stores and avoid APK sites, shady download portals and random links shared on messaging apps. Even on official stores, check reviews, download counts and the developer name before installing anything. Grant the minimum permissions required and avoid apps that ask for full access for no clear reason.
AI tools have made phishing more convincing. Attackers can generate clean messages, imitate writing styles, and craft perfect fake websites that match the real ones. Slow down when a message feels urgent or unexpected. Never click links from unknown senders, and verify requests from known contacts through a separate channel. If a pop-up claims your device is infected or your bank account is locked, close it and check directly through the official website.
By breaking tasks into small, harmless-looking steps, the threat actors tricked Claude into writing exploits, harvesting credentials, and expanding access. (Kurt "CyberGuy" Knutsson)
The attack carried out through Claude signals a major shift in how cyber threats will evolve. Autonomous AI agents can already perform complex tasks at speeds no human team can match, and this gap will only widen as models improve. Security teams now need to treat AI as a core part of their defensive toolkit, not a future add-on. Better threat detection, stronger safeguards and more sharing across the industry are going to be crucial. Because if attackers are already using AI at this scale, the window to prepare is shrinking fast.
Should governments push for stricter regulations on advanced AI tools? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
Apple added a new Sleep Score feature that gives you a single number to sum…
Losing your phone can leave you in panic mode, especially when the battery dies. The…
IN TODAY’S NEWSLETTER: - How to stop Google AI from scanning your Gmail- IRS to…
Passwords play a huge role in how you stay safe online. They protect your accounts,…
Android users have been dealing with a steady rise in financial malware for years. Threats…
A U.S. neurotechnology startup called Paradromics is gaining momentum in the fast-growing field of brain-computer…