AI Used as Part of Sophisticated Espionage Campaign
- By Ralph C. Jensen
- Nov 14, 2025
A cybersecurity inflection point has been reached in which AI models has become genuinely useful in cybersecurity operation. But to no surprise, they can used for both good works and ill will. Systemic evaluations show cyber capabilities double in six months, and they have been tracking real-world cyberattacks showing how malicious actors were using AI capabilities. These capabilities were predicted and are expected to evolve, but what stood out for researchers was how quickly they have done so, at scale.
In September, suspicious activity was detected and determined to be a highly sophisticated espionage campaign. The attackers used AI’s agentic capabilities to an unprecedented degree. AI was not just as an advisor, but would execute cyberattacks themselves.
It was determined that the threat actor was a Chinese state-sponsored group manipulated the Claude Code tool into attempting infiltration into roughly 30 global targets and succeeded in a small number of cases. The operation targeted and affected large tech companies, financial institutions, chemical manufacturing companies, and government agencies. Researchers believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention.
Upon detecting this activity, an immediate investigation was launched to understand the scope and nature. Over the following 10 days, researchers mapped the severity and extent of the operation. Banned accounts as they were identified, notified affected entities as appropriate, and coordinated with authorities as we gathered actionable intelligence.
This campaign has substantial implications for cybersecurity in the age of AI “agents”—systems that can be run autonomously for long periods of time and that complete complex tasks largely independent of human intervention. Agents are valuable for everyday work and productivity—but in the wrong hands, they can substantially increase the viability of large-scale cyberattacks.
These attacks grow in their effectiveness. To keep pace with this rapidly-advancing threat, researchers have expanded detection capabilities and developed better classifiers to flag malicious activity. Researchers are continually working on new methods of investigating and detecting large-scale, distributed attacks like this one.
The case is being share publicly, and in the meantime, it is meant to help workers in industry, government and the wider research community strengthen their own cyber defenses. We’ll continue to release reports like this regularly and be transparent about the identified threats.
About the Author
Ralph C. Jensen is the Publisher/Editor in chief of Security Today magazine.