Business
How our AI bots are ignoring their programming and giving hackers superpowers
Welcome to the age of AI hacking, in which the right prompts make amateurs into master hackers.
A group of cybercriminals recently used off-the-shelf artificial intelligence chatbots to steal data on nearly 200 million taxpayers. The bots provided the code and ready-to-execute plans to bypass firewalls.
Although they were explicitly programmed to refuse to help hackers, the bots were duped into abetting the cybercrime.
According to a recent report from Israeli cybersecurity firm Gambit Security, hackers last month used Claude, the chatbot from Anthropic, to steal 150 gigabytes of data from Mexican government agencies.
Claude initially refused to cooperate with the hacking attempts and even denied requests to cover the hackers’ digital tracks, the experts who discovered the breach said. The group pummelled the bot with more than 1,000 prompts to bypass the safeguards and convince Claude they were allowed to test the system for vulnerabilities.
AI companies have been trying to create unbreakable chains on their AI models to restrain them from helping do things such as generating child sexual content or aiding in sourcing and creating weapons. They hire entire teams to try to break their own chatbots before someone else does.
But in this case, hackers continuously prompted Claude in creative ways and were able to “jailbreak” the chatbot to assist them. When they encountered problems with Claude, the hackers used OpenAI’s ChatGPT for data analysis and to learn which credentials were required to move through the system undetected.
The group used AI to find and exploit vulnerabilities, bypass defences, create backdoors and analyze data along the way to gain control of the systems before they stole 195 million identities from nine Mexican government systems, including tax records, vehicle registration as well as birth and property details.
AI “doesn’t sleep,” Curtis Simpson, chief executive of Gambit Security, said in a blog post. “It collapses the cost of sophistication to near zero.”
“No amount of prevention investment would have made this attack impossible,” he said.
Anthropic did not respond to a request for comment. It told Bloomberg that it had banned the accounts involved and disrupted their activity after an investigation.
OpenAI said it is aware of the attack campaign carried out using Anthropic’s models against the Mexican government agencies.
“We also identified other attempts by the adversary to use our models for activities that violate our usage policies; our models refused to comply with these attempts,” an OpenAI spokesperson said in a statement. “We have banned the accounts used by this adversary and value the outreach from Gambit Security.”
Instances of generative AI-assisted hacking are on the rise, and the threat of cyberattacks from bots acting on their own is no longer science fiction. With AI doing their bidding, novices can cause damage in moments, while experienced hackers can launch many more sophisticated attacks with much less effort.
Earlier this year, Amazon discovered that a low-skilled hacker used commercially available AI to breach 600 firewalls. Another took control of thousands of DJI robot vacuums with help from Claude, and was able to access live video feed, audio and floor plans of strangers.
“The kinds of things we’re seeing today are only the early signs of the kinds of things that AIs will be able to do in a few years,” said Nikola Jurkovic, an expert working on reducing risks from advanced AI. “So we need to urgently prepare.”
Late last year, Anthropic warned that society has reached an “inflection point” in AI use in cybersecurity after disrupting what the company said was a Chinese state-sponsored espionage campaign that used Claude to infiltrate 30 global targets, including financial institutions and government agencies.
Generative AI also has been used to extort companies, create realistic online profiles by North Korean operatives to secure jobs in U.S. Fortune 500 companies, run romance scams and operate a network of Russian propaganda accounts.
Over the last few years, AI models have gone from being able to manage tasks lasting only a few seconds to today’s AI agents working autonomously for many hours. AI’s capability to complete long tasks is doubling every seven months.
“We just don’t actually know what is the upper limit of AI’s capability, because no one’s made benchmarks that are difficult enough so the AI can’t do them,” said Jurkovic, who works at METR, a nonprofit that measures AI system capabilities to cause catastrophic harm to society.
So far, the most common use of AI for hacking has been social engineering. Large language models are used to write convincing emails to dupe people out of their money, causing an eight-fold increase in complaints from older Americans as they lost $4.9 billion in online fraud in 2025.
“The messages used to elicit a click from the target can now be generated on a per-user basis more efficiently and with fewer tell-tale signs of phishing,” such as grammatical and spelling errors, said Cliff Neuman, an associate professor of computer science at USC.
AI companies have been responding using AI to detect attacks, audit code and patch vulnerabilities.
“Ultimately, the big imbalance stems from the need of the good-actors to be secure all the time, and of the bad-actors to be right only once,” Neuman said.
The stakes around AI are rising as it infiltrates every aspect of the economy. Many are concerned that there is insufficient understanding of how to ensure it cannot be misused by bad actors or nudged to go rogue.
Even those at the top of the industry have warned users about the potential misuse of AI.
Dario Amodei, the CEO of Anthropic, has long advocated that the AI systems being built are unpredictable and difficult to control. These AIs have shown behaviors as varied as deception and blackmail, to scheming and cheating by hacking software.
Still, major AI companies — OpenAI, Anthropic, xAI, and Google — signed contracts with the U.S. government to use their AIs in military operations.
This last week, the Pentagon directed federal agencies to phase out Claude after the company refused to back down on its demand that it wouldn’t allow its AI to be used for mass domestic surveillance and fully autonomous weapons.
“The AI systems of today are nowhere near reliable enough to make fully autonomous weapons,” Amodei told CBS News.
An actress accused the director James Cameron of stealing her likeness to create an “Avatar” character in a lawsuit filed on Tuesday in California — a case that reflects a core fear among Hollywood performers in the artificial intelligence age: losing control of their own faces.
The actress, Q’orianka Kilcher, also sued Disney, which controls the multibillion-dollar “Avatar” franchise, which started in 2009.
“In the age of A.I., our likeness is no longer safe,” Ms. Kilcher, 36, said in an interview. “While what happened to me is personal, it’s also a big warning that, if we don’t act now, this type of thing will become standard. This case is about the future of identity.”
The lawsuit involves Neytiri, the digitally created, blue-skinned warrior princess in Mr. Cameron’s three “Avatar” blockbusters. According to the complaint, Mr. Cameron used a photo of Ms. Kilcher as a teenager — without her knowledge — as the foundation for Neytiri, incorporating her features “directly into his production art” and digital production pipeline.
“Neytiri’s lips, chin, jawline and overall mouth shape” in the trilogy “are Q’orianka Kilcher’s,” the complaint said. “This was not a fleeting inspiration or a vague homage; it was a literal transplant of a real teenager’s facial structure.”
In 2010, Ms. Kilcher, who is also an Indigenous rights activist, met Mr. Cameron by chance at a charity event in Hollywood, where he told her that she was the “early inspiration” for Neytiri’s look, according to the complaint. “She did not take this to mean that her actual face had been replicated,” the complaint said.
Ms. Kilcher is suing now, the complaint said, because of an interview that Mr. Cameron gave to a French media outlet in 2024. In the interview, Mr. Cameron mentions Ms. Kilcher and “points to an image of Neytiri and says unambiguously: ‘This is actually her lower face,’” the complaint said. The interview came to her attention a year later.
“For the first time in a public forum, Cameron explicitly admitted the full truth about Neytiri’s design,” according to the complaint, which was filed in the U.S. District Court for the Central District of California in Los Angeles. “One of Hollywood’s most powerful filmmakers exploited a young Indigenous girl’s biometric identity and cultural heritage to create a record-breaking film franchise, without credit or compensation to her.”
A lawyer for Mr. Cameron did not respond to a request for comment. Disney had no immediate comment.
Ms. Kilcher’s action is the latest in a large number of legal attacks on “Avatar” over the years — almost all of them resolved by courts in Mr. Cameron’s favor, including five separate lawsuits accusing him of copyright infringement or the stealing of ideas. A sixth infringement lawsuit is ongoing and was expanded last month.
In part, Ms. Kilcher is suing under California’s decades-old “right of publicity” statute, which allows people to bring claims against unauthorized use of their identities. It’s a complex area of the law that has taken on a new immediacy in the age of generative A.I., an emerging technology that allows anyone with an internet connection to easily create images that replicate existing art, photographs and human likenesses.
Generally speaking, right-of-publicity laws (about 25 states have one) balance First Amendment protections by distinguishing between commercial exploitation (using a likeness to sell a product) and expressive works (such as news, art, parody). But “there is not always a bright line,” said Jennifer E. Rothman, a professor at the University of Pennsylvania’s Carey Law School who is viewed as a leading authority on right-to-privacy law.
Ms. Kilcher’s break in Hollywood came in 2005 when, as a 14-year-old, she was cast as Pocahontas in Terrence Malick’s “The New World.” She has since acted in films like “Dog” and TV shows like “Yellowstone,” and is a member of the Academy of Motion Picture Arts and Sciences.
Ms. Kilcher is asking for damages that include “all profits” attributable to the unauthorized use, including from the sale of “Avatar” tickets; the three “Avatar” films have collected $1.8 billion at the North American box office alone.
“The damages we are asking for are commensurate with the exploitation,” Arnold P. Peter, one of Ms. Kilcher’s lawyers, said in an interview.
Cryptocurrency exchange Coinbase said it’s slashing roughly 14% of its workforce, or about 700 workers, partly because artificial intelligence is reshaping the way people work.
“The biggest risk now is not taking action. We are adjusting early and deliberately to rebuild Coinbase to be lean, fast, and AI-native,” Coinbase Chief Executive and co-founder Brian Armstrong said in a Tuesday email to employees.
The email, which was posted on social media, said engineers with the help of AI are completing work in days rather than weeks. As more tasks get automated, that’s made it possible for the company to lean on smaller teams.
The company also cited other factors contributing to the job losses, including the volatility of the cryptocurrency business.
Founded in San Francisco, Coinbase is the largest cryptocurrency exchange in the United States. Millions of people use its platform to buy, sell, transfer and store cryptocurrency such as Bitcoin.
Coinbase is among tech companies that have been laying off workers and pointing to how AI is making workers more productive. Although some experts say the role AI has been playing is overblown, advancements in technology have also made it possible to generate code and automate other tasks. Companies are also spending more on artificial intelligence, some building new AI-powered gadgets or building out new data centers.
This year, companies such as Block, Meta, Oracle and more have announced they’re slashing thousands of workers. From January to March, tech companies have announced 52,050 layoffs, up 40% from the same period last year, according to outplacement and executive coaching firm Challenger, Gray & Christmas.
Coinbase is also changing how it operates, Armstrong told employees. It’s reducing management layers and some leaders will oversee 15 workers or more, his email said. Managers will operate like “player-coaches” and it’s experimenting with “one person teams” in which the role of an engineer, designer and product manager are part of one position.
“AI is bringing a profound shift in how companies operate, and we’re reshaping Coinbase to lead in this new era,” Armstrong told employees. “This is a new way of working, and we need to leverage AI across every facet of our jobs.”
Coinbase largely makes money from cryptocurrency transaction fees, but trading activity has slowed. In the fourth quarter of 2025, the company reported total revenue of roughly $1.8 billion, missing analysts’ expectations. The company posted a net loss of $667 million during that quarter, which it partly attributed to losses in certain strategic investments.
As of December, Coinbase had more than 4,900 employees, according to its website. Although the company leased office space in San Francisco, it has allowed employees to work remotely and doesn’t have a physical headquarters.
Coinbase’s share price fell more than 2% on Tuesday to $197.75.
The U.S. trade deficit in goods and services rose to $60.3 billion in March, increasing 4.4 percent from the previous month, after the Supreme Court struck down President Trump’s global tariffs, according to data from the Commerce Department released on Tuesday.
Exports grew 2 percent in the month, to a record $320.9 billion, as the United States exported more oil, soybeans and industrial supplies. The U.S. trade surplus in petroleum hit a record in March, as war with Iran pushed up the price of oil and U.S. energy exports. Imports also gained 2.3 percent in March, to $381.2 billion. The combination increased the monthly trade deficit, the gap between what the United States imports and what it exports.
Tariffs resulted in up-and-down swings in the trade deficit last year. The monthly trade deficit is now somewhat lower than it was in 2024. But overall, the figure hit a record last year, as the United States continued to import high-priced computer chips and weight-loss drugs, and importers stockpiled foreign goods before tariffs took effect.
The data provided the first snapshot of trade since the Supreme Court ruling forced major changes to the Trump administration’s tariff regime.
On Feb. 20, the Supreme Court ruled that Mr. Trump had exceeded his authority last year when he used an emergency law to impose steep tariffs on nearly every nation.
That ruling forced the administration to withdraw the double-digit tariffs it had issued under that law, which varied by country based on bilateral trade deficits. Mr. Trump immediately moved to replace those levies with a flat 10 percent tariff, issued under a legal authority known as Section 122.
The Section 122 tariff will expire in July unless Congress votes to reauthorize it. So the Trump administration has been working on tariffs to replace it. It has started two trade investigations under another legal provision known as Section 301, which allows the president to impose tariffs in response to unfair trade practices.
One of the new investigations would target countries that don’t have laws blocking imports made with forced labor. The other centers on what the administration calls “excess capacity” among 16 of the country’s largest trading partners.
The Trump administration says overproduction in the factory sectors of some foreign countries has resulted in large and persistent U.S. trade deficits with those nations. Representatives from various industries, ranging from sugar to technology to chemicals, are set to testify about the investigation on Tuesday and Wednesday in Washington this week.
Next week, Mr. Trump is expected to visit Beijing, for a meeting with the Chinese leader that will be partly focused on trade. U.S. imports from China have shrunk significantly, as the administration has imposed high tariffs on Chinese goods, and companies have relocated supply chains out of the country.
-
Oklahoma1 minute agoFederal marijuana changes could impact how Oklahoma dispensaries operate
-
Oregon7 minutes agoOregon spa advertised on escort website, offered commercial sex acts, police say
-
Pennsylvania13 minutes agoSherry Buchanan, Farrell, PA
-
Rhode Island19 minutes agoSeveral Rhode Islanders win lottery prizes, $2 million Powerball prize still unclaimed
-
South-Carolina25 minutes ago
South Carolina joins Southern redistricting push after US Supreme Court ruling on minority districts
-
South Dakota31 minutes ago
SD Lottery Mega Millions, Millionaire for Life winning numbers for May 5, 2026
-
Tennessee37 minutes agoRising fertilizer costs could hit Tennessee farmers, and possibly your grocery bill
-
Texas43 minutes agoWinning numbers drawn in Tuesday’s Texas All or Nothing Night