You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
Recently, in a blog post titled "Disrupting the first reported AI-orchestrated cyber espionage campaign", Claude owner Anthropic shared details on a "Chinese state-sponsored group" it claimed was using Claude's coding tool to try and infiltrate 30 global targets. This report claims "the threat actor was able to use AI to perform 80-90% of the campaign", but that assertion has since faced scepticism.
As reported by Ars Technica, Dan Tentler, cofounder of internet security company Phobos Group, recently took to Mastodon to share their thoughts on this claim. After saying they'd like to see logs to verify this campaign, they cast doubts upon the veracity of the claim, saying, "Why do the models give these attackers what they want 90% of the time but the rest of us have to deal with asskissing, stonewalling and acid trips?"
Effectively, Tentler is asking why their experience with these tools doesn't reveal the same sophistication as the models claimed to be used by the China-based hacking group that Anthropic is referring to. Similarly, Bob Rudis, the VP of Data Science, security research and detection engineering at GreyNoise Intelligence (a security firm), doubts the abilities of this new tech. They say, "It doesn't expand the threat model in a meaningful way, and mostly serves as a well-packaged demonstration of trends we’ve already known about for years."
Rudis notes, "Sure, this speeds things up (for a TINY FRACTION of adversaries) and likely lowers labor costs. But it doesn’t rewrite the rules of the "game" (I hate calling it that but it is what it is)." They continue to argue that, if anything, these tools can be more beneficial to defenders than attackers as "defenders (in theory) have the data advantage."
We believe this is the first documented case of a large-scale AI cyberattack executed without substantial human intervention. It has significant implications for cybersecurity in the age of AI agents.Read more: https://t.co/VxqERnPQRJNovember 13, 2025
The full report from Anthropic acknowledges potential failure points for AI's use by bad actors. It points out "Claude frequently overstated findings and occasionally fabricated data during autonomous operations, claiming to have obtained credentials that didn't work or identifying critical discoveries that proved to be publicly available information." There are productivity gains to be made with AI, but also these hallucinations remain "an obstacle to fully autonomous cyberattacks."
Anthropic claims that the cyberhacking group managed to get around security limitations by breaking down attacks into much smaller and more "seemingly innocent" tasks that Claude would do without checking the context. These, when piled up, could then work as part of a broader, more malicious operation. The group reportedly told Claude that it was a cybersecurity firm testing defences, and this allowed them to bypass some restrictions.
This bypassing method is naturally a worrying one, even if the 80-90% claim isn't fully accurate. The 14-page report claims that the 80-90% figure represents the percentage of "tactical operations" in the campaign, where the Anthrophic website claims it is 80-90% of the campaign overall. It's not entirely clear if this is simply a rewording of the same concept or slightly different.
Regardless, Anthropic claims this is "a fundamental change" in the way cybersecurity operates, where some cybersecurity experts instead argue that may be overhyping it somewhat. As Rudis claims, "that hype is good for bidnez."
The best PC gaming gear 2025
All our current recommendations
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
