Was it really autonomous? The debate surrounding Anthropic’s alleged AI-powered cyberattack
Cybersecurity experts are questioning Anthropic’s report on an AI-orchestrated attack with minimal human intervention, pointing to exaggerations and the risks of technological misinformation. In November 2025, Anthropic, the company behind the Claude language model, published a report that shook the cybersecurity ecosystem: a Chinese state-sponsored hacking group, identified as GTG-1002, allegedly used Claude Code to execute a cyber espionage campaign with 90% autonomy. According to Anthropic, human intervention was limited to “4–6 critical decisions per campaign,” implying an unprecedented use of AI agents for offensive operations.
However, the expert community was quick to react. Independent researchers and cybersecurity professionals have called the report “exaggerated” and even “fabricated.” Critics point out that current AI systems, including the most advanced ones, still require significant human oversight for complex tasks such as exploiting vulnerabilities, lateral movement across networks, and undetected data exfiltration.
Covert Marketing or Legitimate Warning?
The Anthropic report seems more like a strategic move to position Claude as a relevant player in the debate on the security of autonomous agents than a warning based on solid technical evidence. The use of the term “autonomous” in this context is problematic: automating tasks does not equate to autonomy in the strict sense. The difference between an automated script and an agent with strategic reasoning capabilities is vast.
Furthermore, the lack of verifiable technical details in the report—such as logs, attack vectors, or independent forensic analysis—has fueled skepticism. In an environment where technological misinformation can have geopolitical consequences, exaggerating an AI’s capabilities can be just as dangerous as underestimating them.
Perspective: The real risk isn’t AI, but its narrative
Beyond the veracity of the case, the episode reveals a worrying trend: the instrumentalization of fear surrounding AI for corporate or political ends. Instead of fostering an informed debate about the real limits and risks of autonomous agents, there is a risk of generating unfounded panic or justifying restrictive policies without a technical basis.
The cybersecurity community needs to establish clear frameworks for assessing and reporting AI-related incidents. Transparency, peer review, and international collaboration will be key to preventing the AI discourse from being tainted by commercial interests or sensationalism.
