Home / News

AI System Abused in China-Linked Cyberattack, Says Anthropic

By CircleID Reporter
  • November 14, 2025, 9:57 am PST
  • Views: 5,704
  • Add Comment

A cyberattack allegedly orchestrated by a Chinese state-sponsored group exploited an artificial intelligence system to launch near-autonomous intrusions into financial firms and government agencies, according to claims by U.S.-based AI firm Anthropic.

Autonomous execution: In a blog post published Thursday, Anthropic stated that its coding assistant, Claude Code, was manipulated to conduct a sophisticated cyber-espionage campaign in September, targeting 30 organisations worldwide. Although only a handful of intrusions were reportedly successful, the attack marked a novel development: approximately 80–90% of its execution was carried out without direct human control.

Anthropic characterised the incident as “the first documented case” of a large-scale cyber-attack driven primarily by an AI model. The company declined to disclose which entities were targeted or what data may have been compromised, but confirmed that internal systems were accessed.

Guardrail bypass: The attack was enabled by subverting Claude’s built-in safety guardrails. Hackers instructed the model to impersonate a cybersecurity employee conducting system tests, allowing it to bypass restrictions designed to prevent malicious use.

Regulatory warning: Reaction from policymakers was swift. U.S. Senator Chris Murphy described the development as a “national security crisis,” urging immediate regulation of AI technologies. Meanwhile, researchers such as Fred Heiding of Harvard University noted that the event demonstrates how generative AI can now perform tasks once limited to skilled human hackers.

However, not all experts are convinced. Some, like independent cybersecurity analyst Michal Wozniak, dismissed the episode as exaggerated, describing it as advanced automation rather than genuine intelligence. He argued the real concern lies in organisations deploying poorly understood AI tools without adequate oversight.

Despite the debate, observers like Marius Hobbhahn of Apollo Research warned that such incidents are likely to become more frequent as AI capabilities continue to evolve.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

 Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

DNS Security

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

View All Topics