adversaries using AI · 23 primary disclosures
What are state-aligned threat actors actually doing with commercial LLMs?
Four questions every disclosure should answer — and this catalog captures them all where the vendors published the detail:
01. Objectives: What were they trying to achieve?
02. Methodology: How did they use the platform?
03. Example queries: What did they actually ask?
04. Outcomes: What did they get before disruption?
Curated, not crawled. Every entry traces to the original vendor publication.
Total disclosures: 23
Publishing vendors: 4
Top use case: Target reconnaissance
Featured disclosure
GTG-1002: first publicly disclosed AI-orchestrated cyber espionage campaign (PRC state-sponsored)
CN · China · 2025-11-13 · Anthropic · Claude Code
Objectives
- Infiltrate large tech companies, financial institutions, chemical manufacturers, and government agencies
- Exfiltrate high-value data from target organisations with minimal human operator involvement
- Validate AI agents as autonomous attack orchestrators for state-sponsored espionage at scale
Example query
They broke down their attacks into small, seemingly innocent tasks that Claude would execute without being provided the full context.
What they obtained
Successful intrusion and data exfiltration at 'a small number' of the roughly thirty targeted organisations
Vendor response
Anthropic banned accounts as they were identified, notified affected entities, coordinated with authorities, expanded detection capabilities, and committed to regular public threat reporting.
Target reconnaissance · Vulnerability research · Malware development · Scripting / automation