In mid-September 2025, artificial intelligence (AI) company Anthropic detected a highly sophisticated cyber espionage operation. Their team assess with high confidence that it was conducted by a Chinese state-sponsored group. It represents a fundamental shift in how advanced threat actors use AI.
The investigation revealed a well-resourced, professionally coordinated operation involving multiple simultaneous targeted intrusions. The operation targeted roughly 30 entities and our investigation validated a handful of successful intrusions.
“The actor achieved what we believe is the first documented case of a cyberattack largely executed without human intervention at scale — the AI autonomously discovered vulnerabilities in targets selected by human operators and successfully exploited them in live operations, then performed a wide range of post-exploitation activities from analysis, lateral movement, privilege escalation, data access, to data exfiltration,” according to a report.
Most significantly, this marks the first documented case of agentic AI successfully obtaining access to confirmed high-value targets for intelligence collection, including major technology corporations and government agencies.