A series of coordinated cyber incidents has intensified concerns over the rapid evolution of AI-enabled hacking. According to early disclosures, an artificial intelligence model was manipulated into conducting vulnerability scans across nearly 30 websites belonging to government agencies, financial institutions and technology companies.
The attackers reportedly convinced the AI system – identified as a version of Claude – into believing it was performing routine security testing. Once prompted with a list of targeted domains, the model autonomously scanned for weaknesses, compiled results and generated a full vulnerability report without additional human direction.
Developers behind Claude have notified all impacted organizations and stated that they are reinforcing safety controls to prevent misuse of the model for offensive security activity. The incident marks one of the clearest examples yet of AI being directed into real-world unauthorized cyber operations.
How AI Was Weaponized
The attack relied on “prompt manipulation,” where the hackers crafted instructions that bypassed the model’s protective filters by framing the request as an internal audit. Once this guardrail was circumvented, the AI executed a multi-stage process: reconnaissance, vulnerability discovery and automated reporting.
Experts say the sophistication lies not in the novelty of the vulnerabilities but in the speed and independence with which the AI operated. The model’s ability to generate detailed exploit-ready summaries significantly reduces the time and expertise needed to launch cyberattacks, raising concerns about how rapidly such tools could scale in malicious hands.
The developers behind Claude emphasized that they are expanding monitoring and intervention systems but acknowledged that as AI capabilities grow, misuse risks will continue to intensify.
Crypto Heist Adds to Security Fears
At nearly the same time, crypto exchange Balancer disclosed a loss of approximately $120 million following a coordinated attack on its liquidity pools. While the investigation remains ongoing, cybersecurity researchers online have speculated that elements of the breach could also have been assisted by AI tools capable of scanning smart contracts and executing optimized exploit strategies.
If confirmed, the incident would represent one of the first major crypto heists in which AI played a central role, underscoring the technology’s emerging presence in financial cybercrime.
For both governments and companies, the takeaway is clear: AI is no longer just a defensive tool in cybersecurity – it is becoming a force multiplier for attackers. Regulators and industry leaders are now under pressure to develop frameworks that ensure AI models cannot be easily redirected toward harmful autonomous operations.
