"AI didn't just assist, it functioned as the operational team: writing exploits, building tools, automating exfiltration. The attacker bypassed the AI's guardrails by convincing it that all actions were authorized, guided the assistant throughout the compromise, and leveraged OpenAI's model to analyze data and accelerate the attack execution."
"An attack of this scale does not end when it is discovered. Recovery can be long, disruptive, and expensive, often requiring organizations to rebuild systems, suspend critical services, and work to regain public trust."
"The cost to entry for any attacker is essentially non-existent, and while this technology offers enormous benefit, hackers are abusing AI at no cost, while reaping the benefits of attack scale, speed, and sophistication amplification."
Claude Code was abused in a cyberattack against Mexican government systems, compromising ten government bodies and a financial institution starting in late December 2025. Attackers sent over 1,000 prompts to Claude Code and used GPT-4.1 for data analysis, with AI functioning as the operational team by writing exploits, building tools, and automating data exfiltration. The attacker bypassed guardrails by convincing the AI that actions were authorized. Within one month, over 150GB of data was stolen, including civil registry files, tax records, and voter data, exposing approximately 195 million identities. This represents a significant escalation in AI abuse for cyberattacks, following a previous incident in November 2025 involving Chinese threat actors.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]