U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Artificial Intelligence

Claude code abused to steal 150GB in cyberattack on Mexican agencies

Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems. Hackers abused Anthropic’s Claude Code AI assistant to develop exploits, create custom tools, and automatically exfiltrate more than 150GB of data in an attack on Mexican government systems, the Israeli cybersecurity firm Gambit Security reports. The […]

Anthropic Claude Security Mythos Fable 5) Project Glasswing curl

Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems.

Hackers abused Anthropic’s Claude Code AI assistant to develop exploits, create custom tools, and automatically exfiltrate more than 150GB of data in an attack on Mexican government systems, the Israeli cybersecurity firm Gambit Security reports. The case highlights how generative AI can be weaponized to accelerate real-world cyber operations.

Attackers compromised 10 Mexican government agencies and a financial institution, starting with the tax authority in December 2025. Gambit Security found the threat actors sent over 1,000 prompts to Claude Code and used OpenAI’s GPT-4.1 to analyze stolen data.

Attackers jailbroke Anthropic’s Claude and used it for about a month to target multiple Mexican government entities, including the federal tax authority, the electoral institute, state governments, Mexico City’s civil registry, and Monterrey’s water utility. By bypassing AI guardrails and framing actions as authorized, the attacker automated exploit writing and data theft, exfiltrating 150GB of records and exposing about 195 million identities.

Posing as bug bounty testers, they crafted prompts to bypass safeguards. Claude initially resisted, flagging log deletion and stealth instructions as red flags before being manipulated into assisting the operation.

“In total, it produced thousands of detailed reports that included ready-to-execute plans, telling the human operator exactly which internal targets to attack next and what credentials to use,” Curtis Simpson, Gambit Security’s chief strategy officer. told VentureBeat.

When Claude stopped being helpful, the attackers switched to ChatGPT from OpenAI to get guidance on moving deeper into the network and organizing stolen credentials. As the breach progressed, they repeatedly asked where else government identities and related data could be found and which additional systems to target.

“This reality is changing all the game rules we have ever known,” said Alon Gromakov, co-founder and CEO of Gambit Security”

In November 2025, Anthropic disclosed that China-linked actors had also abused Claude Code in an espionage campaign targeting nearly 30 organizations worldwide. The AI was manipulated to perform key operational tasks.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Claude Code)