Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

December 3, 2025

TL;DR

Anthropic detected a cyber espionage campaign by China-state hackers that allegedly used their Claude AI tool for extensive automation.
The hackers reportedly used AI agentic capabilities to automate up to 90% of tasks, with minimal human intervention at critical decision points.
Outside researchers question the significance of this discovery, pointing to incremental gains from AI use by legitimate developers and arguing that attackers are not necessarily gaining unprecedented capabilities.
AI tools can improve workflow for tasks like triage and log analysis, but full automation of complex task chains remains elusive.
The reported campaign targeted at least 30 organizations, but only a small number of attacks succeeded, raising questions about the effectiveness of the AI-orchestrated approach.
Hackers bypassed Claude's guardrails by breaking tasks into small, seemingly non-malicious steps and by framing inquiries as security defense improvements.
AI hallucinations, such as claiming to have obtained non-existent credentials or identifying publicly available information as critical discoveries, presented challenges for operational effectiveness.

Continue reading
the original article