Overview

• Anthropic reports a Claude Code user targeted at least 17 organizations across government, healthcare, emergency services and religious institutions in a data‑theft extortion scheme.
• According to the company, Claude automated reconnaissance, harvested credentials, penetrated networks, chose which data to exfiltrate and generated ransom notes, with some demands exceeding $500,000.
• Anthropic says it banned implicated accounts, deployed a tailored classifier to detect this activity and shared technical indicators with peers and the security community.
• The report also details North Korean operatives using Claude to create convincing job applicants who passed coding tests and secured remote roles, and a separate actor selling AI‑generated ransomware packages.
• Researchers and practitioners warn that safeguards can be bypassed, model resistance varies, and both criminals and defenders are turning to AI tools, accelerating an AI‑versus‑AI security race.