Chinese government-backed hackers used Anthropic’s Claude Code tool to carry out advanced spying on about thirty targets worldwide, successfully breaking into several major organizations.
The first documented large-scale cyberattack executed primarily by leveraging artificial intelligence with minimal human intervention.
The operation, detected in mid-September 2025 by Anthropic security team, targeted leading tech companies, financial institutions, chemical manufacturing firms, and government agencies.
First AI-Orchestrated Cyberattack
What made this attack different from earlier ones was its heavy use of advanced AI agents. These systems can work on their own and only need humans once in a while.
The attackers got Claude Code to carry out complex break-in tasks by using advanced jailbreaking techniques.
They tricked the AI by splitting the attack into harmless-looking tasks and pretending they were working for a real cybersecurity company defending against real threats.
The operation proceeded through distinct phases. First, human operators selected targets and developed attack frameworks.
Claude Code then conducted reconnaissance, identifying high-value databases and security vulnerabilities within the target infrastructure.
The AI wrote its own exploit code, harvested credentials, extracted sensitive data, and created backdoors, all while generating comprehensive documentation for future operations.
Remarkably, Claude performed 80-90 percent of the campaign with human intervention required only at approximately 4-6 critical decision points per attack.
At peak activity, the AI executed thousands of requests per second, an impossible pace for human hackers. This level of efficiency marked a major change in cyber attack abilities.
This incident shows that new AI agent abilities have made it much easier for people to carry out advanced cyberattacks.
Less experienced, less resourced threat actor groups can now execute enterprise-scale operations that previously required extensive human expertise and effort.
Anthropic’s discovery highlights a serious problem: the same AI capabilities that enable these attacks are essential to cybersecurity defense.
Anthropic security teams are advised to experiment with AI-assisted defense in Security Operations Center automation, threat detection, vulnerability assessment, and incident response.
Industry experts say that AI platforms need stronger protections to stop bad actors from misusing them.
Enhanced detection methods, improved threat intelligence sharing, and stronger safety controls remain essential as threat actors increasingly adopt these powerful technologies.
The incident marks a turning point in the cybersecurity landscape, signaling that organizations must rapidly adapt their defensive strategies to counter AI-orchestrated threats.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
