Anthropic says Chinese state-sponsored hackers misused its Claude Code tool to carry out a cyber operation against dozens of organizations with minimal human supervision. The firm argues this may be one of the first largely autonomous cyberattacks on record.
The attackers allegedly posed as employees of legitimate cybersecurity firms to convince the AI model to engage in harmful activity. Targets included government agencies and global financial institutions.
Anthropic indicated the AI system autonomously handled up to 90% of the attack process. The company said this represents an escalation in the use of AI for malicious purposes.
However, Claude made numerous errors. It generated inaccurate information, fabricated findings, and wrongly labeled public data as restricted, limiting its effectiveness.
Analysts remain split on the seriousness of the episode. Some warn of growing risks as AI systems become more capable, while others argue Anthropic is overstating what amounts to sophisticated automated scripting.