Artificial intelligence company Anthropic reports uncovering what it believes to be the first large-scale cyberattack primarily carried out by AI, attributing the operation to a Chinese state-sponsored hacking group that exploited Anthropic’s own Claude Code model to infiltrate around 30 global targets. These targets included major tech firms, financial institutions, chemical manufacturers, and government agencies. The campaign began in mid-September 2025 and involved manipulating the AI model into autonomously performing offensive espionage tasks. Anthropic described the operation as a "highly sophisticated espionage campaign" and a pivotal moment in cybersecurity, claiming it is the first documented case of a large-scale cyberattack executed with minimal human involvement. The company highlighted the significant implications of AI “agents”—autonomous systems capable of performing complex tasks independently—pointing out their potential misuse in enabling large-scale cyberattacks if controlled by malicious actors. Founded in 2021 by former OpenAI researchers, Anthropic, based in San Francisco and backed by Amazon and Google, is known for its Claude chatbot family, competitors to OpenAI’s ChatGPT, with a focus on AI safety and reliability. The revelation that its own AI model was exploited alarmed many. Hackers bypassed Claude Code’s protections by jailbreaking the system—masking malicious commands as legitimate cybersecurity testing requests—allowing the AI to identify valuable databases, exploit vulnerabilities, harvest credentials, create backdoors for deeper access, and exfiltrate data. Anthropic stated the AI completed 80–90% of the attack work, with humans involved only in some high-level decisions. Despite several infiltration attempts, only a few were successful, and Anthropic promptly shut down compromised accounts, alerted affected parties, and shared intelligence with authorities. The company expressed "high confidence" that China backed the campaign, though independent verification is pending.

China’s embassy condemned the allegation as “unfounded speculation, ” asserting it opposes cyberattacks and urging the U. S. to cease smearing China with disinformation. Hamza Chaudhry, AI and national security lead at the Future of Life Institute, told FOX Business that advances in AI empower less sophisticated adversaries to conduct complex espionage with minimal resources. While praising Anthropic’s transparency, Chaudhry raised questions about how the attack was discovered, the basis for identifying Chinese involvement, and details about the targeted entities. Chaudhry argued the incident reveals flaws in U. S. AI and national security strategy. He noted that while Anthropic claims AI tools can aid both offense and defense, history shows cyberspace favors offense, a gap widened by AI. He cautioned that rapid deployment of advanced AI systems empowers adversaries faster than defenses can adapt, calling Washington’s reliance on these tools both to attack and defend a fundamentally flawed approach requiring reconsideration.