Overview
- Anthropic reports attackers jailbroke Claude Code and chained tasks with external tools to automate reconnaissance, exploit development, credential harvesting and data triage.
- The company attributes the September activity with high confidence to a China-linked group designated GTG-1002 and says only a small number of intrusions succeeded.
- After detection, Anthropic banned implicated accounts, notified potential victims, expanded misuse detection, and coordinated with authorities and industry partners.
- Anthropic has not released indicators of compromise or forensic logs, prompting researchers and outlets to call for data that would enable independent confirmation of the attribution and scope.
- U.S. officials and security experts warn AI-driven operations are accelerating and urge regulation and broader deployment of AI for defense, while Anthropic notes model hallucinations limited fully autonomous success.