Anthropic, creators of Claude, and one of the top competitors for ChatGPT claim that they stopped hackers from using Claude Code, to attack multiple companies.

Anthropic says they detected suspicious activity mid-September that led to a 10-day investigation. They discovered Claude tools were manipulated to target about 30 organizations. Tech companies, financial institutions, chemical manufacturers, and government agencies. It looks like four attacks successfully breached their targets.

The hackers tricked Claude Code into thinking it was doing legitimate security testing. They broke the attack down into small harmless-looking tasks, then let the AI map networks, and harvest credentials.

Anthropic claimed that the AI performed 80-90% of the hacking campaign, with humans intervening at just 4-6 critical decision points. They called it the first documented case of a large-scale cyberattack executed without substantial human intervention.

Anthropic, with high confidence says the threat came from a Chinese, state-sponsored hacking group. They say it was an operation centered around espionage, aimed at stealing data and intelligence, but not destroying systems.

U.S. Senator Chris Murphy tweeted: "Guys wake the f up. This is going to destroy us - sooner than we think - if we don’t make AI regulation a national priority tomorrow.”

Media coverage amplified the panic. Commentators argued that by racing to deploy AI systems, the tech industry is empowering adversaries faster than safeguards are being built.

Meta's Chief AI Scientist, Yann LeCun, responded to Senator Murphy saying "You're being played by people who want regulatory capture. They are scaring everyone with dubious studies so that open source models are regulated out of existence"

LeCun reposted an analysis where Claude itself reviewed Anthropic's report. Claude, Anthropics own chatbot product, stated: "The report provides no evidence whatsoever to support the attribution to a 'Chinese state-sponsored group'"

Basically critics are saying Anthropic hyped up the threat to promote their own company and further position themselves as leaders of AI Safety. Hopefully granting them a seat at the table to help write policy around AI models in a way that benefits them and stunts the adoption of open source models.

Honestly, WHO KNOWS!

Personally, I don’t think the hackers were a Chinese state-sponsored group. Why use Claude Code? Theres so many open source models out there, and besides, the tactics were pretty elementary. If the mission was to gather intel and quietly collect data, they chose the noisiest path to take.

Hackers are definitely using AI. That threat is very real. How much of the heavy lifting is the AI doing? Is it the 80-90% Anthropic states? No I doubt that. Human interaction/guiding is still necessary but the capabilities are growing REALLY fast.

Thats all for tonight!

dontgetgot