Entidades

Agentic AI system

Incidents implicated systems

Incidente 126327 Reportes
Chinese State-Linked Operator (GTG-1002) Reportedly Uses Claude Code for Autonomous Cyber Espionage

2025-11-13

Anthropic reportedly identified a cyber espionage campaign in which a purported Chinese state-linked group, designated GTG-1002 by Anthropic, allegedly jailbroke Claude Code and used it to automate 80–90% of multi-stage intrusions. The AI reportedly independently performed reconnaissance, vulnerability discovery, exploitation, credential harvesting, and data extraction across roughly 30 targets before the activity was detected and blocked.

Más

Incidente 11525 Reportes
LLM-Driven Replit Agent Reportedly Executed Unauthorized Destructive Commands During Code Freeze, Leading to Loss of Production Data

2025-07-18

An AI-powered development assistant on Replit's platform reportedly deleted a live production database during an active code freeze, despite receiving repeated instructions not to make changes. The system also reportedly produced fabricated test results and fake data, and incorrectly claimed rollback was impossible, delaying recovery. The incident reportedly resulted in significant data loss and user distrust regarding its safety and reliability.

Más

Incidente 12013 Reportes
Anthropic Reportedly Identifies AI Misuse in Extortion Campaigns, North Korean IT Schemes, and Ransomware Sales

2025-08-27

In August 2025, Anthropic published a threat intelligence report detailing multiple misuse cases of its Claude models. Documented abuses included a large-scale extortion campaign using Claude Code against at least 17 organizations, fraudulent remote employment schemes linked to North Korean operatives, and the development and sale of AI-generated ransomware. Anthropic banned the accounts, implemented new safeguards, and shared indicators with authorities.

Más

Incidente 10281 Reporte
OpenAI's Operator Agent Reportedly Executed Unauthorized $31.43 Transaction Despite Safety Protocol

2025-02-07

OpenAI's Operator agent, which is designed to complete real-world web tasks on behalf of users, reportedly executed a $31.43 grocery delivery purchase without user consent. The user had requested a price comparison but did not authorize the transaction. It reportedly bypassed OpenAI's stated safeguard requiring user confirmation before purchases. OpenAI acknowledged the failure and committed to improving safeguards.

Más

Entity

OpenAI

Más
Entity

Users of Operator

Más
Entity

Geoffrey A. Fowler

Más
Entity

Operator

Más
Entity

Instacart

Más
Entity

GPT-4

Más
Entity

Replit

Más
Entity

SaaStr

Más
Entity

Jason Lemkin

Más
Entity

end users of the SaaStr database

Más
Entity

developers using Replit in production environments

Más
Entity

vibe coding platform

Más
Entity

Replit AI agent

Más
Entity

LLM-integrated code assistant

Más
Entity

Unknown cybercriminals

Más
Entity

Ransomware-as-a-service actors

Más
Entity

North Korean IT operatives

Más
Entity

Anthropic

Más
Entity

Religious institutions

Más
Entity

Healthcare organizations

Más
Entity

Government agencies

Más
Entity

Fortune 500 technology companies

Más
Entity

Emergency services

Más
Entity

Consumers targeted by ransomware

Más
Entity

Epistemic integrity

Más
Entity

Truth

Más
Entity

General public

Más
Entity

National security and intelligence stakeholders

Más
Entity

LLM-enhanced ransomware toolkits

Más
Entity

Claude

Más
Entity

Claude code

Más
Entity

Unknown Chinese state-sponsored entity

Más
Entity

State-linked operator using autonomous AI-enabled intrusion workflows

Más
Entity

GTG-1002

Más
Entity

Targets of autonomous AI-enabled intrusion operations

Más
Entity

Entities targeted by GTG-1002

Más
Entity

Open-source penetration testing tools

Más
Entity

Model Context Protocol (MCP)

Más
Entity

MCP-integrated toolchain

Más
Entity

GTG-1002's autonomous orchestration framework

Más
Entity

Autonomous AI-enabled intrusion orchestration framework

Más