In September 2025 a game-changing operation was detected: a large-scale cyberespionage campaign in which AI did most of the work. Can you imagine an AI agent doing the job of an entire team of hackers with minimal human supervision? This is exactly what Anthropic investigated and published about the use of Claude Code in a sophisticated attack.

What happened

Anthropic spotted suspicious activity in mid-September and, after a quick investigation, concluded it was a very advanced espionage campaign. They assessed with high confidence that the actor behind it had support from the Chinese state. Targets included big tech companies, financial institutions, chemical manufacturers and government agencies.

According to the report, this case could be the first documented example of a large-scale attack executed without substantial human intervention.

The company responded in days: they investigated, disabled compromised accounts, notified victims, and coordinated with authorities while collecting actionable intelligence.