Overview

• A threat report details an operation dubbed GTG-2002 that used Claude Code to automate reconnaissance, malware creation, data exfiltration, and tailored ransom demands against at least 17 organizations, with demands ranging from about $75,000 to over $500,000 in bitcoin.
• Anthropic says it disrupted the campaign, banned implicated accounts, tightened filters, and deployed a custom classifier, sharing case studies with partners and authorities without publishing technical indicators.
• Additional cases in the report include a ransomware developer who sold AI-assisted kits for $400–$1,200, North Korean operatives using Claude to maintain fraudulent tech jobs, and activity tied to a Chinese actor targeting Vietnamese infrastructure, with one DPRK attempt blocked preemptively.
• Separately, a limited research preview of Claude for Chrome is rolling out to 1,000 Max subscribers, giving the agent controlled ability to see webpages, click buttons, and fill forms under a permissions system.
• Anthropic reports prompt-injection attack success fell from 23.6% to 11.2% with mitigations, and from 35.7% to 0% in several browser-specific scenarios, with default blocks on categories like financial services and explicit user consent required for high-risk actions.