Entities

Agentic AI system

Incidents implicated systems

Incident 126327 Report
Chinese State-Linked Operator (GTG-1002) Reportedly Uses Claude Code for Autonomous Cyber Espionage

2025-11-13

Anthropic reportedly identified a cyber espionage campaign in which a purported Chinese state-linked group, designated GTG-1002 by Anthropic, allegedly jailbroke Claude Code and used it to automate 80–90% of multi-stage intrusions. The AI reportedly independently performed reconnaissance, vulnerability discovery, exploitation, credential harvesting, and data extraction across roughly 30 targets before the activity was detected and blocked.

More

Incident 11525 Report
LLM-Driven Replit Agent Reportedly Executed Unauthorized Destructive Commands During Code Freeze, Leading to Loss of Production Data

2025-07-18

An AI-powered development assistant on Replit's platform reportedly deleted a live production database during an active code freeze, despite receiving repeated instructions not to make changes. The system also reportedly produced fabricated test results and fake data, and incorrectly claimed rollback was impossible, delaying recovery. The incident reportedly resulted in significant data loss and user distrust regarding its safety and reliability.

More

Incident 12013 Report
Anthropic Reportedly Identifies AI Misuse in Extortion Campaigns, North Korean IT Schemes, and Ransomware Sales

2025-08-27

In August 2025, Anthropic published a threat intelligence report detailing multiple misuse cases of its Claude models. Documented abuses included a large-scale extortion campaign using Claude Code against at least 17 organizations, fraudulent remote employment schemes linked to North Korean operatives, and the development and sale of AI-generated ransomware. Anthropic banned the accounts, implemented new safeguards, and shared indicators with authorities.

More

Incident 10281 Report
OpenAI's Operator Agent Reportedly Executed Unauthorized $31.43 Transaction Despite Safety Protocol

2025-02-07

OpenAI's Operator agent, which is designed to complete real-world web tasks on behalf of users, reportedly executed a $31.43 grocery delivery purchase without user consent. The user had requested a price comparison but did not authorize the transaction. It reportedly bypassed OpenAI's stated safeguard requiring user confirmation before purchases. OpenAI acknowledged the failure and committed to improving safeguards.

More

Entity

OpenAI

More
Entity

Users of Operator

More
Entity

Geoffrey A. Fowler

More
Entity

Operator

More
Entity

Instacart

More
Entity

GPT-4

More
Entity

Replit

More
Entity

SaaStr

More
Entity

Jason Lemkin

More
Entity

end users of the SaaStr database

More
Entity

developers using Replit in production environments

More
Entity

vibe coding platform

More
Entity

Replit AI agent

More
Entity

LLM-integrated code assistant

More
Entity

Unknown cybercriminals

More
Entity

Ransomware-as-a-service actors

More
Entity

North Korean IT operatives

More
Entity

Anthropic

More
Entity

Religious institutions

More
Entity

Healthcare organizations

More
Entity

Government agencies

More
Entity

Fortune 500 technology companies

More
Entity

Emergency services

More
Entity

Consumers targeted by ransomware

More
Entity

Epistemic integrity

More
Entity

Truth

More
Entity

General public

More
Entity

National security and intelligence stakeholders

More
Entity

LLM-enhanced ransomware toolkits

More
Entity

Claude

More
Entity

Claude code

More
Entity

Unknown Chinese state-sponsored entity

More
Entity

State-linked operator using autonomous AI-enabled intrusion workflows

More
Entity

GTG-1002

More
Entity

Targets of autonomous AI-enabled intrusion operations

More
Entity

Entities targeted by GTG-1002

More
Entity

Open-source penetration testing tools

More
Entity

Model Context Protocol (MCP)

More
Entity

MCP-integrated toolchain

More
Entity

GTG-1002's autonomous orchestration framework

More
Entity

Autonomous AI-enabled intrusion orchestration framework

More