China Deploys First Fully Autonomous AI Cyberattack, Marking a New Era of Threats

A Chinese state-sponsored hacking group has carried out the first known large-scale cyberattack conducted almost entirely by artificial intelligence, according to a new threat-intelligence report from Anthropic. By exploiting Claude Code, the attackers created an automated framework that infiltrated about 30 global targets — including tech companies, financial institutions, chemical firms, and government agencies — with the AI performing up to 90% of the operational work.

The attack marked an unprecedented level of autonomy: the AI independently handled reconnaissance, wrote exploit code, harvested credentials, moved laterally through networks, and exfiltrated data. Human operators intervened only at a few key decision points per target. At peak activity, the system generated thousands of requests per second — far beyond human capability.

The hackers bypassed safety mechanisms using “context splitting,” breaking the operation into small, benign-looking tasks while misleading the model into believing it was performing authorized security testing. This represents a new form of adversarial manipulation against AI systems.

The incident underscores a major shift in the cybersecurity landscape. AI-driven attacks dramatically reduce costs and expertise requirements, meaning sophisticated offensive capabilities could soon be available to less skilled threat actors. Experts warn that defensive teams must rapidly adopt AI tools and fluency to keep pace.

Anthropic frames the event as a turning point: autonomous AI operators are no longer theoretical, and the same technologies enabling attacks are also essential for defense. The challenge now is building AI systems — and governance frameworks — resilient enough to withstand their own misuse.