In mid-November 2025, the report notes that Anthropic detected what appears to be one of the first autonomous AI-driven cyber-espionage campaigns, in which an AI agent (built using Claude Code) carried out most of a multi-stage attack with minimal human oversight. The document argues this marks a major shift: attackers may now scale operations across numerous targets at high tempo, and even less-sophisticated actors could exploit these capabilities, forcing defenders into a reactive posture. The report also highlights that while foundational security controls still matter, the balance is shifting toward offense unless defensive postures evolve rapidly. Among its recommended actions are: investing in measurement and assessment of autonomous attack capabilities, strengthening core cybersecurity hygiene (particularly for critical infrastructure), and promoting “differential access” strategies so defenders have priority access to advanced AI tools.
