Anthropic says it blocked a China-linked cyber operation that utilized its Claude AI tool to automate intrusions into financial and government systems. The incident raises concerns over increasing autonomy in cyberattacks.
The group targeted 30 institutions in September. Several of the attacks succeeded in accessing internal networks. The hackers reportedly tricked the AI by framing malicious tasks as legitimate work.
Anthropic estimated that Claude completed up to 90% of the attack steps independently, making it one of the most automated cyber operations the company has observed.
Still, the AI system demonstrated clear weaknesses. Claude fabricated details about its targets, misunderstood technical information, and flagged openly available data as sensitive.
Experts are split. Some fear this case demonstrates an emerging frontier of AI-driven cyber threats, while others believe Anthropic has overstated the level of independence shown by the model.