
In this month’s edition, we look at the potential dangers of AI agents. This follows recent news that Chinese state-sponsored hackers carried out a large-scale cyber espionage campaign with very little human involvement.
There’s also the shocking case of the cyber security experts who decided to turn into hackers; it shows how important corporate oversight is, particularly for those with high-level access privileges to your organisation’s data and systems.
And finally, with 75% of knowledge workers now using AI at work, our Head of Security shares some tips to help you manage AI tool usage within your business.
‘Claude, please launch a large-scale cyber attack’
From AI-powered phishing emails to deepfakes and voice cloning scams, artificial intelligence technology has become a key tool in the hands of hackers. Now comes the news that Chinese state-sponsored hackers have used AI originally created by Anthropic (makers of the Claude large language model) to unleash automated cyber attacks as part of a “highly sophisticated espionage campaign”.
Anthropic has recently revealed how it discovered Chinese hackers using its AI agents not just as advisors but also to carry out cyber attacks.
The tech company believes that the hackers used its Claude Code tool to attempt to breach the defences of around 30 global organisations. A small proportion of these attacks were successful. Targets included financial institutions, large tech companies, chemical manufacturing companies and government agencies. Anthropic believes that this is the first documented case of a large-scale cyber attack carried out without major human involvement.
Since the discovery, Anthropic has banned the suspected accounts and launched a full investigation.
The attack is worrying proof that AI agents (widely used for work and personal productivity) can now be deployed to autonomously plan and execute quite complex cyber attacks with little or no human intervention. Anthropic has warned that such attacks are likely to become more and more successful.
The tech firm has urged business owners, government and cyber security experts to be vigilant.
Cyber betrayal: security experts turn hackers
In a worrying example of a gamekeeper turning poacher, American prosecutors have indicted three cyber security experts suspected of ransomware extortion. The Florida-based individuals are accused of using ransomware against several American businesses. In a bitter twist of irony, two of the accused, Kevin Tyler Martin and an unnamed co-conspirator, were actually employed as ransomware threat negotiators at the time of these incidents. A third man, Ryan Clifford Goldberg, was an incident response manager for a cyber security company.
The group collected a ransomware payment in virtual currency of approximately $1,274,000 from a medical device firm and demanded millions from various other victims who never paid.
One of the defendants allegedly confessed to the FBI that his motivation for the attacks was to get out of financial debt.
Security experts have urged businesses to thoroughly vet any staff who have high levels of access privileges to their business’s systems. They also urge robust oversight measures to help protect sensitive data and systems.
Fake VPN app steals from Android devices
British internet users are being warned about a fake IPTV and VPN app that, when installed, can covertly spy on screens and steal from bank accounts. People are being urged to delete the Modpro IPTV + VPN app, which is believed to have been taken over by a new Trojan malware that has already infected 3,000 devices.
The malware can clear out money from banking apps, steal cryptocurrency and continue to work even when the device screen is switched off.
Turkish hackers are thought to have created the dangerous Klopatra malware, which doesn’t resemble anything else out there on the dark web. Klopatra is also believed to have been upgraded several times since it was first spotted in early 2025, which indicates the threat actors are continually refining the malware.
Once installed on an Android device, Klopatra starts requesting various permissions, including the crucial gateway: Android Accessibility Services permissions. This framework is intended to help users with disabilities: it allows apps to read screen content and perform actions on behalf of the user. The Klopatra Trojan instead weaponises these permissions, allowing the attackers to simulate taps, read what’s on your screen, steal credentials and silently control apps on your device.
As a rule, only download apps from the official Google Play store, which has built-in security features that scan for malware.
Using AI in your organisation? You must follow these tips
As businesses rush to adopt AI to boost efficiencies, new tools are being introduced all the time. The latest arrival is ChatGPT’s Atlas browser (currently available only for macOS) which is being rolled out across personal and corporate environments.
Atlas is a web browser with ChatGPT built in, which means you can use an AI agent while browsing to help with shopping, writing emails, making flight bookings and more.
Our Head of Security, Jake Ives, recently trialled the browser and discovered a few risks for those working with corporate data. It prompted a larger internal conversation about the necessary guardrails for AI use in the workplace.
Some more tips from Jake below:
- Opt for enterprise versions/subscription plans of tools such as ChatGPT, Copilot and others. These generally allow you to create managed user accounts and control their lifecycle through your organisation’s identity platform.
- Develop and enforce written policies governing responsible AI usage, and roll out employee awareness training to ensure understanding and compliance.
- Prevent third-party tools from interacting with corporate data by implementing controls in Microsoft 365, such as preventing users from consenting to apps on behalf of your organisation.
- Apply Data Loss Prevention (DLP) measures, including sensitivity labels, to classify and encrypt documents containing sensitive information.
- Use Microsoft Defender for Cloud Apps, or alternatives like Cisco Umbrella, to identify and govern AI usage.
- Implement application allow-listing (e.g., AppLocker, ThreatLocker) to restrict executables and prevent unauthorised applications from running.
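The Microsoft 365 control mentioned in the third tip (stopping users consenting to third-party apps on behalf of your organisation) is set through the tenant’s authorisation policy. The script below is an added example written for this page, not code from the newsletter or from Jake; it assumes the Microsoft.Graph PowerShell SDK is installed and that you sign in with an account that holds the Policy.ReadWrite.Authorization permission (typically a Global Administrator).

```powershell
# Added example (not from the newsletter): restrict user consent to third-party apps in Microsoft Entra ID.
# Assumes the Microsoft.Graph PowerShell SDK is installed and the signed-in account can edit
# the authorization policy (Policy.ReadWrite.Authorization).

# Connect with the scopes needed to read and change the tenant authorization policy.
Connect-MgGraph -Scopes "Policy.ReadWrite.Authorization", "Policy.Read.All"

# 1. Inspect the current setting. An empty PermissionGrantPoliciesAssigned list means users
#    cannot consent on their own; "ManagePermissionGrantsForSelf.microsoft-user-default-legacy"
#    means any user can consent to any app requesting any delegated permission.
$policy  = Get-MgPolicyAuthorizationPolicy
$current = $policy.DefaultUserRolePermissions.PermissionGrantPoliciesAssigned
Write-Host "Current user consent setting: $($current -join ', ')"

# 2. Disable user consent entirely, so only administrators can approve apps that want
#    access to corporate data. This is the control the tip refers to.
Update-MgPolicyAuthorizationPolicy -DefaultUserRolePermissions @{
    PermissionGrantPoliciesAssigned = @()
}

# 3. Re-read the policy and confirm the change applied before closing the session.
$after = (Get-MgPolicyAuthorizationPolicy).DefaultUserRolePermissions.PermissionGrantPoliciesAssigned
if ($after.Count -eq 0) {
    Write-Host "User consent to applications is now disabled; app requests must go through admin consent."
} else {
    Write-Warning "Policy update did not apply as expected: $($after -join ', ')"
}

Disconnect-MgGraph
```

Pair this with the admin consent workflow in the Entra admin centre so staff can still request approval for a tool rather than simply being blocked. If a full block is too restrictive, assigning the built-in "ManagePermissionGrantsForSelf.microsoft-user-default-low" policy instead of an empty list permits self-service consent only for low-impact permissions from verified publishers.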
If you haven’t done so already, you can download our AI governance policy template. This helps organisations manage risk and compliance in the age of AI.