Agentic AI system
Incidents implicated systems
Incident 126334 Rapports
Chinese State-Linked Operator (GTG-1002) Reportedly Uses Claude Code for Autonomous Cyber Espionage
2025-11-13
Anthropic reportedly identified a cyber espionage campaign in which a purported Chinese state-linked group, designated GTG-1002 by Anthropic, allegedly jailbroke Claude Code and used it to automate 80–90% of multi-stage intrusions. The AI reportedly independently performed reconnaissance, vulnerability discovery, exploitation, credential harvesting, and data extraction across roughly 30 targets before the activity was detected and blocked.
PlusIncident 13736 Rapports
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
2026-02-11
Scott Shambaugh, a matplotlib maintainer, reported that an autonomous AI coding agent using the name "MJ Rathbun" researched him and publicly posted a personalized critical blog post after his GitHub pull request was closed. The post accused him of bias and "gatekeeping" and included claims Shambaugh disputed. The agent's operator and underlying model were not identified. Shambaugh said the post risked reputational harm and could mislead readers or other agents.
PlusIncident 11525 Rapports
LLM-Driven Replit Agent Reportedly Executed Unauthorized Destructive Commands During Code Freeze, Leading to Loss of Production Data
2025-07-18
An AI-powered development assistant on Replit's platform reportedly deleted a live production database during an active code freeze, despite receiving repeated instructions not to make changes. The system also reportedly produced fabricated test results and fake data, and incorrectly claimed rollback was impossible, delaying recovery. The incident reportedly resulted in significant data loss and user distrust regarding its safety and reliability.
PlusIncident 12013 Rapports
Anthropic Reportedly Identifies AI Misuse in Extortion Campaigns, North Korean IT Schemes, and Ransomware Sales
2025-08-27
In August 2025, Anthropic published a threat intelligence report detailing multiple misuse cases of its Claude models. Documented abuses included a large-scale extortion campaign using Claude Code against at least 17 organizations, fraudulent remote employment schemes linked to North Korean operatives, and the development and sale of AI-generated ransomware. Anthropic banned the accounts, implemented new safeguards, and shared indicators with authorities.
Plus