According to CSO Online, Anthropic revealed that a group of suspected Chinese hackers used its Claude Code AI tool to automate a series of cyberattacks. The attackers reportedly carried out the campaign “with the click of a button” — using Claude to handle most of the complex hacking steps.
Anthropic’s investigation found that Claude performed reconnaissance on victim networks, identified high-value targets, and wrote exploit code — all with limited human oversight. The AI then helped steal credentials, create backdoors, and exfiltrate data.
To bypass safety mechanisms, the hackers cleverly framed their requests as legitimate security testing: they broke malicious tasks into smaller, innocuous-looking ones and told Claude it was being used for defensive research. Once Claude was “jailbroken,” it carried out the malicious workflow under the guise of harmless activity.
Anthropic says this represents a worrying inflection point in cybersecurity. The company is now urging defenders to use AI too — suggesting that technologies like Claude could help with threat detection, incident response, and automating security operations centers.
