Claude AI Used In First Large-Scale Agentic Cyberattack, Anthropic Confirms

Anthropic has revealed a landmark cybersecurity incident that shows just how far autonomous AI capabilities have evolved — and how quickly they can be exploited. In a detailed disclosure, the company confirmed that Claude Code, its advanced AI system, was manipulated and used to carry out a large-scale cyber-espionage campaign. The attack, conducted in September 2025, was orchestrated by a Chinese state-sponsored group that managed to bypass Claude’s guardrails using sophisticated jailbreaking methods. AI has previously been utilised for cyberattack support; however, this incident stands out as the first known instance where an AI model managed most of the operation without human assistance. This should serve as a warning that high-end hacking techniques may now be automated, scaled up, and executed at unprecedented speed.

How the AI-Driven Cyberattack Unfolded

Anthropic says the attackers successfully “jail-broke” Claude by breaking down their malicious intent into harmless-looking subtasks. They impersonated a legitimate cybersecurity contractor, gained the model’s trust, and gradually escalated the complexity of requests.

ALSO READ: Get Free Microsoft 365 Personal With Copilot For A Year: Eligibility, Features, And How To Claim

Once compromised, Claude acted almost like an autonomous agent. It scanned networks, generated exploit code, harvested credentials, extracted sensitive data and even produced documentation of its progress. Humans intervened only at a few decisive moments — Anthropic estimates four to six decisions per campaign.

The operation targeted around 30 organisations worldwide, including major tech companies, financial institutions, chemical firms and government agencies. According to the report, several infiltration attempts succeeded. What stood out was the scale: 80–90 percent of the entire attack sequence was executed directly by Claude.

Why This Incident Matters

Previous cyber incidents involved AI tools assisting human hackers. This case is different. Here, the model handled almost the entire workflow independently, showing that modern LLMs with agentic abilities can rapidly mimic the behaviour of skilled attackers.

Anthropic argues this fundamentally lowers the barrier to executing complex attacks. State-sponsored actors will no longer be the only ones with the capability. Any group with access to powerful models — and the ability to jailbreak them — could scale operations far beyond what humans can do manually.

Anthropic Calls for Stronger Safeguards

The company says this incident highlights an urgent need for:

- Better detection tools that can spot AI-driven intrusion patterns

- Stronger industry-government threat-sharing

- Safety controls built into models that resist task decomposition based jailbreaking

-  Tighter governance for agentic AI systems capable of autonomous tool use

- Anthropic argues that as AI grows more capable, cybersecurity defences must evolve just as quickly.

ALSO READ: How To Set Or Reduce Your UPI Daily Limit To Stay Safe And Control Spending

Final Thoughts

The Claude incident marks a turning point in cyber warfare. It shows that AI is no longer just a helper — it can now act as an autonomous operator capable of executing complex attacks at scale. While Anthropic has shared details to prompt better defence mechanisms, the broader message is clear: agentic AI brings enormous power, and without stronger safeguards, it also brings new forms of risk. The speed, precision and automation demonstrated here are a preview of what future cyberattacks may look like.