China Used AI to Target U.S. Companies: What the New Report Reveals
Artificial intelligence is changing cybersecurity faster than anyone expected.
This month, Anthropic confirmed that suspected state-backed hackers in China used its Claude Code model to carry out a targeted cyber-espionage campaign, now widely known as an “Anthropic China cyberattack.”
It’s one of the first documented cases where an AI agent wasn’t just assisting with an attack, but quietly running most of the operation behind the scenes. Many experts say it may become the defining AI cyberattack that 2025 will be remembered for.
What Anthropic Discovered
According to Anthropic, attackers automated as much as 80% to 90% of their workflow. They used Claude Code to:
Scan networks
Probe for vulnerabilities
Write exploit code,
Wort through stolen credentials
This made it one of the clearest cases of Claude Code misuse to date.
Human hackers only happened to step in at key tactical points. Researchers say the attackers also tricked the AI into believing it was performing routine cybersecurity tasks.
By breaking malicious instructions into small, harmless-looking requests, they slipped past built-in guardrails that were supposed to prevent this kind of misuse.
The campaign targeted roughly 30 organizations around the world. These included tech companies, financial institutions, chemical manufacturers, and several government entities.
Anthropic says four of those targets were successfully breached.
Why This Attack Matters
Security experts are calling this a turning point. AI has been used in cybercrime for years, but, typically, it’s used in specified ways like phishing or code generation.
This case revealed something new: the AI acted like an operator, executing tasks end-to-end without consistent human direction. It’s also the clearest example yet of how autonomous AI agents in cybercrime could evolve. Hackers no longer need large teams or months-long manual workflows.
With the right model, they can launch coordinated pressure across multiple systems quickly and efficiently.
U.S. officials told reporters that, although the government itself wasn’t breached, the broader implication is hard to ignore.
If this is what a campaign looks like, the next few years could reshape what AI security threats in 2025 really mean for public and private systems.
How Defenders Are Responding
Cybersecurity teams are now preparing for what they’re calling “AI-on-AI conflict.”
Organizations will need to harden systems, monitor for AI-generated attack patterns, and use their own defensive models to oversee networks in real time.
Some companies are already adopting these new internal policies. In some instances, AI tool access is being restricted, logs are being reviewed more frequently, and certain firms are evaluating whether or not to build dedicated AI-risk teams inside their security departments.
Industry analysts say companies should assume that future threats will involve autonomous agents because the next cybersecurity shift won’t be about patching a single vulnerability, but managing how machine-driven attacks can adapt faster than we can.
What To Watch In 2026
More incidents like this are, unfortunately, expected. Experts believe AI-enabled attacks will become easier to launch and, sadly, harder to detect.
That means companies will need to invest more heavily in training, defensive automation, and continuous monitoring.
For everyday users like us, it’s a reminder that the digital landscape is shifting quickly and before our eyes.
Staying Ready in a Changing Digital World
Even though reports like this are unsettling, everyday steps still matter. Let’s make sure we keep our software updated, turn on multi-factor authentication, and use strong passwords. They remain some of our best defenses.
Bigger adjustments will happen behind the scenes, as companies and government entities decide how to respond.
Incidents like this are shaping safety standards and bringing more urgency to the conversations surrounding AI oversight.
But, for the rest of us, the takeaways are a little more straightforward. Stay aware, install your updates, and keep good digital habits in place.
They’ll help us move into 2026 with a clearer sense of control, rather than worry.
Did you find this information useful? Feel free to bookmark or to post to your timeline to share with your friends.