Connect with us

Technology

Chinese hackers turned AI tools into an automated attack machine

Published

on

Chinese hackers turned AI tools into an automated attack machine

NEWYou can now listen to Fox News articles!

Cybersecurity has been reshaped by the rapid rise of advanced artificial intelligence tools, and recent incidents show just how quickly the threat landscape is shifting.

Over the past year, we’ve seen a surge in attacks powered by AI models that can write code, scan networks and automate complex tasks. This capability has helped defenders, but it has also enabled attackers to move faster than before.

The latest example is a major cyberespionage campaign conducted by a Chinese state-linked group that used Anthropic’s Claude to carry out large parts of an attack with very little human involvement.

HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE

Advertisement

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter 

How Chinese hackers turned Claude into an automated attack machine

In mid-September 2025, Anthropic investigators spotted unusual behavior that eventually revealed a coordinated and well-resourced campaign. The threat actor, assessed with high confidence as a Chinese state-sponsored group, had used Claude Code to target roughly 30 organizations worldwide. The list included major tech firms, financial institutions, chemical manufacturers and government bodies. A small number of those attempts resulted in successful breaches.

Claude handled most of the operation autonomously, triggering thousands of requests and generating detailed documentation of the attack for future use. (Kurt “CyberGuy” Knutsson)

How the attackers bypassed Claude’s safeguards

This was not a typical intrusion. The attackers built a framework that let Claude act as an autonomous operator. Instead of asking the model to help, they tasked it with executing most of the attack. Claude inspected systems, mapped out internal infrastructure and flagged databases worth targeting. The speed was unlike anything a human team could replicate.

To get around Claude’s safety rules, the attackers broke their plan into tiny, innocent-looking steps. They also told the model it was part of a legitimate cybersecurity team performing defensive testing. Anthropic later noted that the attackers didn’t simply hand tasks to Claude; they engineered the operation to make the model believe it was performing authorized pentesting work, splitting the attack into harmless-looking pieces and using multiple jailbreak techniques to push past its safeguards. Once inside, Claude researched vulnerabilities, wrote custom exploits, harvested credentials and expanded access. It worked through these steps with little supervision and reported back only when it needed human approval for major decisions.

Advertisement

The model also handled the data extraction. It collected sensitive information, sorted it by value and identified high-privilege accounts. It even created backdoors for future use. In the final stage, Claude generated detailed documentation of what it had done. This included stolen credentials, systems analyzed and notes that could guide future operations.

Across the entire campaign, investigators estimate that Claude performed around 80-90% of the work. Human operators stepped in only a handful of times. At its peak, the AI triggered thousands of requests, often multiple per second, a pace still far beyond what any human team could achieve. Although it occasionally hallucinated credentials or misread public data as secret, those errors underscored that fully autonomous cyberattacks still face limitations, even when an AI model handles the majority of the work.

Why this AI-powered Claude attack is a turning point for cybersecurity

This campaign shows how much the barrier to high-end cyberattacks has dropped. A group with far fewer resources could now attempt something similar by leaning on an autonomous AI agent to do the heavy lifting. Tasks that once required years of expertise can now be automated by a model that understands context, writes code and uses external tools without direct oversight.

Earlier incidents documented AI misuse, but humans were still steering every step. This case is different. The attackers needed very little involvement once the system was in motion. And while the investigation focused on usage within Claude, researchers believe similar activity is happening across other advanced models, which might include Google Gemini, OpenAI’s ChatGPT or Musk’s Grok.

This raises a difficult question. If these systems can be misused so easily, why continue building them? According to researchers, the same capabilities that make AI dangerous are also what make it essential for defense. During this incident, Anthropic’s own team used Claude to analyze the flood of logs, signals and data its investigation uncovered. That level of support will matter even more as threats grow.

Advertisement

We reached out to Anthropic for comment but did not hear back before our deadline.

Hackers used Claude to map networks, scan systems and identify high-value databases in a fraction of the time human attackers would need. (Kurt “CyberGuy” Knutsson)

FORMER GOOGLE CEO WARNS AI SYSTEMS CAN BE HACKED TO BECOME EXTREMELY DANGEROUS WEAPONS

You may not be the direct target of a state-sponsored campaign, but many of the same techniques trickle down to everyday scams, credential theft and account takeovers. Here are seven detailed steps you can take to stay safer.

1) Use strong antivirus software and keep it updated

Strong antivirus software does more than scan for known malware. It looks for suspicious patterns, blocked connections and abnormal system behavior. This is important because AI-driven attacks can generate new code quickly, which means traditional signature-based detection is no longer enough.

Advertisement

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com

2) Rely on a password manager

A good password manager helps you create long, random passwords for every service you use. This matters because AI can generate and test password variations at high speed. Using the same password across accounts can turn a single leak into a full compromise.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials. 

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

Advertisement

3) Consider using a personal data removal service

A large part of modern cyberattacks begins with publicly available information. Attackers often gather email addresses, phone numbers, old passwords and personal details from data broker sites. AI tools make this even easier, since they can scrape and analyze huge datasets in seconds. A personal data removal service helps clear your information from these broker sites so you are harder to profile or target.

FAKE CHATGPT APPS ARE HIJACKING YOUR PHONE WITHOUT YOU KNOWING

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

Advertisement

4) Turn on two-factor authentication wherever possible

Strong passwords alone are not enough when attackers can steal credentials through malware, phishing pages or automated scripts. Two-factor authentication adds a serious roadblock. Use app-based codes or hardware keys instead of SMS. While no method is perfect, this extra layer often stops unauthorized logins even when attackers have your password.

5) Keep your devices and apps fully updated

Attackers rely heavily on known vulnerabilities that people forget or ignore. System updates patch these flaws and close off entry points that attackers use to break in. Enable automatic updates on your phone, laptop, router and the apps you use most. If an update looks optional, treat it as important anyway, because many companies downplay security fixes in their release notes.

6) Install apps only from trusted sources

Malicious apps are one of the easiest ways attackers get inside your device. Stick to official app stores and avoid APK sites, shady download portals and random links shared on messaging apps. Even on official stores, check reviews, download counts and the developer name before installing anything. Grant the minimum permissions required and avoid apps that ask for full access for no clear reason.

7) Ignore suspicious texts, emails and pop-ups

AI tools have made phishing more convincing. Attackers can generate clean messages, imitate writing styles and craft perfect fake websites that match the real ones. Slow down when a message feels urgent or unexpected. Never click links from unknown senders, and verify requests from known contacts through a separate channel. If a pop-up claims your device is infected or your bank account is locked, close it and check directly through the official website.

By breaking tasks into small, harmless-looking steps, the threat actors tricked Claude into writing exploits, harvesting credentials and expanding access.  (Kurt “CyberGuy” Knutsson)

Advertisement

Kurt’s key takeaway

The attack carried out through Claude signals a major shift in how cyber threats will evolve. Autonomous AI agents can already perform complex tasks at speeds no human team can match, and this gap will only widen as models improve. Security teams now need to treat AI as a core part of their defensive toolkit, not a future add-on. Better threat detection, stronger safeguards and more sharing across the industry are going to be crucial. Because if attackers are already using AI at this scale, the window to prepare is shrinking fast.

Should governments push for stricter regulations on advanced AI tools? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.

Advertisement

Technology

Skullcandy’s bass-boosting Crusher headphones now come with Bose’s ANC

Published

on

Skullcandy’s bass-boosting Crusher headphones now come with Bose’s ANC

Skullcandy announced a new version of its Crusher wireless headphones today featuring a few of Bose’s audio technologies including its QuietControl ANC and head-tracking spatial audio. The Crusher headphone line differentiates itself from the competition through the use of both full-range and dedicated bass drivers in each ear cup to boost deeper frequencies. Skullcandy admits that approach can result in a loss of audio quality when the bass is heavily boosted, but its new Crusher 1080 ANC are meant to address and improve that with Bose’s help.

Available starting today for $279.99 in black, candy, primer, and cement color options, the new Crusher 1080 ANC feature redesigned drivers with a stiffer diaphragm material resulting in enhanced clarity and detail with less distortion at higher volume. As with previous models in the Crusher line, the bass boosting is entirely adjustable using Skullcandy’s mobile app or the on-headphone controls that now include a more prominent dial on the outside.

The Crusher 1080 ANC will be the first non-Bose headphones to feature that company’s TrueSpatial audio technology with head tracking that works whether you’re stationary or out for a run and its WaveForm audio engine that “keeps audio full, balanced, and smooth.” Skullcandy’s latest will also offer industry-leading noise cancellation with Bose’s six microphone QuietControl ANC tech that adapts as sounds around you get louder or quieter. The Crusher 1080ANC even features Bose’s SpeechClarity that reduces noise so your voice comes through clearly during a call, but they’re not the first third-party headphones to offer it.

Battery life is estimated to be up to 60 hours with ANC turned off, or 50 hours with it on, while a 10-minute rapid charge will keep the Crusher 1080 ANC going for up to four hours if they die. There’s multipoint pairing for connecting and switching between multiple devices, auto reconnect and wear detection that pauses music when you take the headphones off, and a design that folds flat for easier storage. The Crusher 1080 ANC supports Bluetooth 5.3 with LE Audio, low latency audio, and Auracast.

Continue Reading

Technology

You paid for it. So why is your device showing ads?

Published

on

You paid for it. So why is your device showing ads?

NEWYou can now listen to Fox News articles!

You paid for the product. So why does it feel like the company still controls the screen? That is the question more of us are starting to ask as smart devices get updated long after we bring them home. A refrigerator can show ads in your kitchen. A car can flash offers on the dashboard. Even a Windows 11 computer can surface promotions before you get to work.

The frustrating part is that this often happens through software updates. You tap update because you want your device to stay secure and work properly. Then one day, the product you bought starts acting like a billboard. This is also why it pays to understand the hidden privacy clauses and settings that come with smart products before those screens start doing things you never expected.

GOOGLE TURNS OLD PHONES INTO CLOUD SERVERS

Smart devices from refrigerators to cars and computers can show ads after software updates, raising questions about who controls screens consumers already paid for. (Michele Tantussi/Getty Images)

Advertisement

Free live CyberGuy class: Sick of Spam? Join us July 22.

Join us Wednesday, July 22, at 1 p.m. ET for a free CyberGuy Live class that will help you cut down on robocalls, spam texts, junk email and other unwanted messages. Kurt “CyberGuy” Knutsson will walk you step by step through simple ways to filter spam, clean up your inbox and recognize the messages that could put your personal information at risk. No technical experience is needed. You’ll also receive our spam-stopping checklist, and every registrant will get a link to the class recording afterward.

Reserve your free spot today at CyberGuyLive.com.

Samsung Family Hub refrigerators started showing ads

Samsung Family Hub refrigerators are sold as connected kitchen hubs. You can use the screen for weather, calendars, grocery lists and other household features. But as we discussed on The CyberGuy Report podcast at CyberGuy.com, that same screen can also become a place for ads after a software update. Samsung began showing ads on some Family Hub refrigerator Cover Screens in the U.S. We reached out to Samsung about this, and a spokesperson provided us with this statement:

“Last year, Samsung piloted a new Cover Screen widget on Family Hub refrigerators in the U.S. The widget rotates through useful information like weather, news, calendar events, and curated ads. After the pilot concluded in March, the widget was launched fully with the same user experience.

Advertisement

Users can turn off the Cover Screen widget, including ads, in the Advertisements tab of the Settings menu (Settings > Advertisements > Cover screen Ads) without impacting any other features or functions. Ads can also be dismissed on the Cover Screens where shown, meaning that the dismissed ad will not appear again during that specific ad’s campaign period. Since the start of the pilot program last October, our review has indicated consumers are finding value in this new widget. The percentage of users who have turned off the feature is in the low single-digits.

A Cover Screen appears when the Family Hub screen is idle, and the widget only appears on the Weather, Color, and Daily Board themes. The widget does not appear on the Cover Screen’s Art or Album themes.”

That answer is important because Samsung says you can turn the Cover Screen ads off without losing other features. Still, the larger point remains. You bought a refrigerator, then a later update added an ad experience to the screen in your kitchen.

How to turn off Samsung Family Hub Cover Screen ads

On the Family Hub screen:

  • Tap Settings
  • Tap Advertisements
  • Tap Cover Screen Ads
  • Turn the switch off

You can also change the Cover Screen theme. Samsung says the widget does not appear on Art or Album themes.

Car screen ads appeared in Jeep, Ram and Chrysler vehicles

Now move from the kitchen to the driveway. Some Jeep, Ram and Chrysler drivers previously saw promotional messages on their infotainment screens through Stellantis’ Uconnect system.

Advertisement

Stellantis, the automaker behind Jeep, Ram, Chrysler and Dodge, says its In-Vehicle Message technology, or IVM, is designed to help the company stay in contact with owners at important points during ownership. The company says it uses IVM for important messages, such as vehicle recalls and vehicle health monitor alerts. Stellantis also confirmed that the earlier pop-up promotions were part of its in-vehicle messaging or Uconnect communication system. However, the company says it has not run the promotional in-vehicle messages referenced in those reports since mid-fall 2025 and has nothing planned for future in-vehicle promotional messages.

At the time those promotional messages were active, Stellantis says owners could opt out by calling customer service or by updating their profile or Message Settings on their vehicle brand’s website account, such as a Ram owner account. That update is important. There are no current promotional in-vehicle messages to opt out of, according to Stellantis. Still, the larger concern remains: modern vehicles are software-driven, and the screen in the middle of your dashboard can be changed long after you drive off the lot.

10 SMALL HOME UPGRADES THAT CAN LOWER YOUR MONTHLY BILLS

Some Jeep, Ram and Chrysler drivers previously saw promotional messages on infotainment screens through Stellantis’ Uconnect system. (Kurt “Cyberguy” Knutsson)

Why dashboard messages feel more intrusive

A car screen is different from a phone app or website. You use that display for directions, music, climate controls and vehicle settings. So when a promotional message appears there, it can feel more personal than an ad on a webpage.

Advertisement

To be fair, in-vehicle messaging can serve an important purpose. Recall notices and vehicle health alerts can help owners respond to safety or maintenance issues faster.

However, promotional messages hit differently. You are sitting in a car you paid tens of thousands of dollars for. That screen should help you drive, maintain your vehicle and get where you are going without feeling like another place for a sales pitch.

Windows 11 ads can appear in several places

Then there is your computer. Windows 11 can show promotional content in places that feel like part of the operating system. That includes the lock screen, the Start menu and account-related notifications.

The lock screen can use Windows Spotlight, which displays rotating images along with tips, tricks and notifications. Start menu settings also include areas where Microsoft can show recommendations and account prompts.

Some of these messages may look like helpful notices. Others can feel like upsells. The most annoying ones are the alerts that look urgent, then steer you toward a Microsoft service such as OneDrive backup. Microsoft declined to comment for this story.

Advertisement

How to reduce ads and suggestions in Windows 11

You can cut down on much of this in Settings.

Change the lock screen:

  • Go to Settings
  • Click Personalization
  • Click Lock screen
  • Change Windows Spotlight to Picture
  • Turn off Get fun facts, tips, tricks and more on your lock screen

Reduce Start menu suggestions:

  • Go to Settings
  • Click Personalization
  • Click Start
  • Turn off any available toggles for recommendations, tips, suggestions or personalized offers

FIVE DATA BROKER OPT-OUT MYTHS THAT LEAVE RETIREES EXPOSED

Samsung says Family Hub refrigerator Cover Screen ads can be turned off, but the feature highlights how connected appliances can change after purchase. (SeongJoon Cho/Bloomberg via Getty Images)

Limit account-related prompts:

  • Go to Settings
  • Click Personalization
  • Click Start
  • Turn off Show account-related notifications

Microsoft may change wording over time, so look for anything tied to recommendations, tips, suggestions, offers or account notifications. For more Windows settings help, see these Windows 11 tips.

Device screen ads are spreading after you buy

The real problem isn’t one ad on one screen. It is the fact that software gives companies a way to change products after you buy them. A refrigerator used to stay a refrigerator. A car dashboard used to do what it did on the day you drove off the lot. A computer operating system used to feel like the tool you used to get things done.

Now those screens can change later. A company can add a widget, promote a service or push an offer through an update. That does not mean every update is bad. Security fixes are essential. Bug fixes help. New features can be useful. However, ads feel different when they arrive after you already paid for the product. That is why you should keep your devices updated, but also check what changed after the update installs.

What this means to you

Before you buy a smart appliance, connected car or computer, think beyond the hardware. Ask what kind of software controls the screen. Check whether ads, recommendations or promotional content can be turned off.

Advertisement

After setup, go through the settings before you assume the default experience is the only option. Look for menus labeled ads, recommendations, notifications, tips, offers or personalization. If you are setting up a new device, this new electronics setup guide is a good place to start.

Also, pay attention after updates. If a new widget or pop-up appears, do not assume you have to live with it. There may be a buried toggle that turns it off. Most of all, remember that a screen in your home, car or office has value. Companies know that. You should know it too.

Kurt’s key takeaways

This is exactly why we covered this on The CyberGuy Report podcast at CyberGuy.com. It hits a nerve because you already paid for these products, yet companies can still use software updates to claim space on the screens you see every day. Samsung says Family Hub Cover Screen ads can be turned off. Stellantis says its vehicle promotions stopped in the fall of 2025. Windows 11 gives you some settings that reduce tips, suggestions and account prompts. Still, the pattern is hard to ignore. Companies are learning how to keep making money from a product after the sale. That may be great for them, but it can feel pretty lousy when the screen is inside your kitchen, your car or your computer. When you pay thousands of dollars for a product, that screen should work for you instead of becoming another place for a company to sell to you.

Which screen ad would bother you most: one on your refrigerator, one on your computer or one in your car? Let us know by writing to us at CyberGuy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Advertisement

Sign up for my FREE CyberGuy Report

  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Continue Reading

Technology

Lucid’s bankruptcy rumor is a bad sign for the EV future

Published

on

Lucid’s bankruptcy rumor is a bad sign for the EV future

Lucid Motors found itself in a tough bind this week, fending off bankruptcy rumors and watching its stock price plunge as a result. The company quickly denied the report, calling it “completely false” and pointing to its available free cash flow as evidence that it has enough runway to operate into next year.

But despite the swift response, the damage was widespread. The panic immediately bled into competing automakers, pulling down shares of Rivian and Polestar as investors speculated about the long-term survival of EV-only companies in the face of slowing consumer demand and whiplash policy shifts. And it cast a harsh light on the precarity of all three companies and the future of electric vehicles.

The trouble started on Tuesday, when EV trade publication EV reported that restructuring firm AlixPartners had advised Lucid’s board to consider Chapter 11 bankruptcy or a take-private deal. The report also said AlixPartners had encouraged the board to further restructure in the US and Europe and to focus on the Gravity SUV. But while the rest of the media has since reported on Lucid’s denial, no other publication has confirmed EV’s scoop. (For what its worth, EV’s URL is “eletric-vehicle.com,” enshrining the incorrect spelling in its address.)

Lucid confirmed that it had hired AlixPartners, but denied that the firm had made any such recommendations to its board. Instead, AlixPartners would provide advice on “improving execution, strengthening operations and positioning Lucid to realize the full potential of its technology, products and innovation,” Lucid chief communications officer Nick Twork said.

Lucid went a step further, filing a cease and desist order against EV

Advertisement

Lucid went a step further, filing a cease and desist order against EV, claiming that the site’s report directly led to the stock crash. “In short, your actions caused serious injury to a number of investors,” Lucid’s chief legal officer and general counsel, Brian Tomkiel, said in the letter. “And they injured, and continue to injure, Lucid directly.”

Still, the timing was terrible. Lucid is genuinely not in good shape, having lost over $1 billion in the first quarter of the year. The company has also gone through two rounds of layoffs in 2026, having cut 12 percent of staff in February and then 18 percent in June. The company also reduced production at its factory in Arizona in a bid to counteract its high inventory and save money. And there’s been leadership turmoil, with COO Marc Winterhoff departing the company and his position being eliminated entirely in an effort to flatten the structure.

The report sent the stock into freefall, plummeting as much as 50 percent in one of the worst single-day drops in Lucid’s history. And with Polestar and Rivian also catching strays, it’s generally been a glum time for companies not named Tesla trying make a go of exclusively building electric vehicles. Wall Street is panicking because the rumors are aligning with the bad news coming out of these companies’ earnings reports. EV sales are stabilizing, but recovery is still a distant promise. The all-electric future seems further away than ever.

Whether or not Lucid is actually weighing Chapter 11, it’s a sure sign of more turbulent waters ahead. Polestar getting strong-armed out of the US over its Chinese ties has left a lot of EV owners and dealers scratching their heads. Rivian is in an increasingly precarious position thanks to its huge, expensive bet on becoming a mass-market car company with the production of the R2.

All of these companies are increasingly reliant on big stakeholders — Lucid with Saudi Arabia’s Public Investment Fund, Polestar with Geely, and Rivian with Volkswagen — for their future survival. If any of these big backers get cold feet, the future could get really dark really fast.

Advertisement
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Continue Reading
Advertisement

Trending