Cybersecurity has been reshaped by the rapid rise of advanced artificial intelligence tools, and recent incidents show just how quickly the threat landscape is shifting.

Over the past year, we’ve seen a surge in attacks powered by AI models that can write code, scan networks and automate complex tasks. This capability has helped defenders, but it has also enabled attackers to move faster than before.

The latest example is a major cyberespionage campaign conducted by a Chinese state-linked group that used Anthropic’s Claude to carry out large parts of an attack with very little human involvement.

HACKER EXPLOITS AI CHATBOT IN CYBERCRIME SPREE

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter 

How Chinese hackers turned Claude into an automated attack machine

In mid-September 2025, Anthropic investigators spotted unusual behavior that eventually revealed a coordinated and well-resourced campaign. The threat actor, assessed with high confidence as a Chinese state-sponsored group, had used Claude Code to target roughly 30 organizations worldwide. The list included major tech firms, financial institutions, chemical manufacturers and government bodies. A small number of those attempts resulted in successful breaches.

How the attackers bypassed Claude’s safeguards

This was not a typical intrusion. The attackers built a framework that let Claude act as an autonomous operator. Instead of asking the model to help, they tasked it with executing most of the attack. Claude inspected systems, mapped out internal infrastructure and flagged databases worth targeting. The speed was unlike anything a human team could replicate.

To get around Claude’s safety rules, the attackers broke their plan into tiny, innocent-looking steps. They also told the model it was part of a legitimate cybersecurity team performing defensive testing. Anthropic later noted that the attackers didn’t simply hand tasks to Claude; they engineered the operation to make the model believe it was performing authorized pentesting work, splitting the attack into harmless-looking pieces and using multiple jailbreak techniques to push past its safeguards. Once inside, Claude researched vulnerabilities, wrote custom exploits, harvested credentials and expanded access. It worked through these steps with little supervision and reported back only when it needed human approval for major decisions.

The model also handled the data extraction. It collected sensitive information, sorted it by value and identified high-privilege accounts. It even created backdoors for future use. In the final stage, Claude generated detailed documentation of what it had done. This included stolen credentials, systems analyzed and notes that could guide future operations.

Across the entire campaign, investigators estimate that Claude performed around 80-90% of the work. Human operators stepped in only a handful of times. At its peak, the AI triggered thousands of requests, often multiple per second, a pace still far beyond what any human team could achieve. Although it occasionally hallucinated credentials or misread public data as secret, those errors underscored that fully autonomous cyberattacks still face limitations, even when an AI model handles the majority of the work.

Why this AI-powered Claude attack is a turning point for cybersecurity

This campaign shows how much the barrier to high-end cyberattacks has dropped. A group with far fewer resources could now attempt something similar by leaning on an autonomous AI agent to do the heavy lifting. Tasks that once required years of expertise can now be automated by a model that understands context, writes code and uses external tools without direct oversight.

Earlier incidents documented AI misuse, but humans were still steering every step. This case is different. The attackers needed very little involvement once the system was in motion. And while the investigation focused on usage within Claude, researchers believe similar activity is happening across other advanced models, which might include Google Gemini, OpenAI’s ChatGPT or Musk’s Grok.

This raises a difficult question. If these systems can be misused so easily, why continue building them? According to researchers, the same capabilities that make AI dangerous are also what make it essential for defense. During this incident, Anthropic’s own team used Claude to analyze the flood of logs, signals and data its investigation uncovered. That level of support will matter even more as threats grow.

We reached out to Anthropic for comment but did not hear back before our deadline.

FORMER GOOGLE CEO WARNS AI SYSTEMS CAN BE HACKED TO BECOME EXTREMELY DANGEROUS WEAPONS

You may not be the direct target of a state-sponsored campaign, but many of the same techniques trickle down to everyday scams, credential theft and account takeovers. Here are seven detailed steps you can take to stay safer.

1) Use strong antivirus software and keep it updated

Strong antivirus software does more than scan for known malware. It looks for suspicious patterns, blocked connections and abnormal system behavior. This is important because AI-driven attacks can generate new code quickly, which means traditional signature-based detection is no longer enough.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com

2) Rely on a password manager

A good password manager helps you create long, random passwords for every service you use. This matters because AI can generate and test password variations at high speed. Using the same password across accounts can turn a single leak into a full compromise.

Next, see if your email has been exposed in past breaches. Our No. 1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials. 

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

3) Consider using a personal data removal service

A large part of modern cyberattacks begins with publicly available information. Attackers often gather email addresses, phone numbers, old passwords and personal details from data broker sites. AI tools make this even easier, since they can scrape and analyze huge datasets in seconds. A personal data removal service helps clear your information from these broker sites so you are harder to profile or target.

FAKE CHATGPT APPS ARE HIJACKING YOUR PHONE WITHOUT YOU KNOWING

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

4) Turn on two-factor authentication wherever possible

Strong passwords alone are not enough when attackers can steal credentials through malware, phishing pages or automated scripts. Two-factor authentication adds a serious roadblock. Use app-based codes or hardware keys instead of SMS. While no method is perfect, this extra layer often stops unauthorized logins even when attackers have your password.

5) Keep your devices and apps fully updated

Attackers rely heavily on known vulnerabilities that people forget or ignore. System updates patch these flaws and close off entry points that attackers use to break in. Enable automatic updates on your phone, laptop, router and the apps you use most. If an update looks optional, treat it as important anyway, because many companies downplay security fixes in their release notes.

6) Install apps only from trusted sources

Malicious apps are one of the easiest ways attackers get inside your device. Stick to official app stores and avoid APK sites, shady download portals and random links shared on messaging apps. Even on official stores, check reviews, download counts and the developer name before installing anything. Grant the minimum permissions required and avoid apps that ask for full access for no clear reason.

7) Ignore suspicious texts, emails and pop-ups

AI tools have made phishing more convincing. Attackers can generate clean messages, imitate writing styles and craft perfect fake websites that match the real ones. Slow down when a message feels urgent or unexpected. Never click links from unknown senders, and verify requests from known contacts through a separate channel. If a pop-up claims your device is infected or your bank account is locked, close it and check directly through the official website.

Kurt’s key takeaway

The attack carried out through Claude signals a major shift in how cyber threats will evolve. Autonomous AI agents can already perform complex tasks at speeds no human team can match, and this gap will only widen as models improve. Security teams now need to treat AI as a core part of their defensive toolkit, not a future add-on. Better threat detection, stronger safeguards and more sharing across the industry are going to be crucial. Because if attackers are already using AI at this scale, the window to prepare is shrinking fast.

Should governments push for stricter regulations on advanced AI tools? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report 
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.

As I sat down at the bookstore cafe with a cortado and an oat bar, I panicked just a little bit when I turned on my phone’s hotspot. What if my hotspot network gave me away? Would it say ALLISON’S TRUMP PHONE? Would someone smart sitting next to me, sipping matcha, catch sight of it? What would they think of me?

That’s not what happened, of course. The default network name was “Allison’s S25,” reflecting the Samsung Galaxy phone I was using, not the network. But the experience sums up a weird feeling I can only describe as “icky” as I texted, talked, and scrolled through my day using my Trump Wireless plan.

Honestly, I was surprised the service even identified itself as Trump and not Liberty Mobile, the MVNO that the Trump Organization’s MVNO service rides on. But there they were, those five letters staring back at me under my SIM settings once I installed the card. They were at the top of the status bar every time I swiped down to check a notification, too.

I didn’t really go out of my way to do a bunch of things while testing Trump Mobile that seem antithetical to the whole Trump ethos — that’s just kinda how it worked out. I used the service to check on a hold at my public library. I used it on public transportation. I used it while shopping at a local grocery oo-op. I used it to find my way to an indie bookstore. It worked just fine. It still felt icky doing this all with that Trump network indicator in the corner of the screen.

I have a number of complaints about the values that the Trump Organization and the Trump name represent. But the wireless service? Fine, I guess. My Galaxy S25 proudly displays a 5G badge most of the time. Trump Mobile runs on T-Mobile, and T-Mobile coverage is quite good here in Seattle, where it happens to be headquartered. In fact, I got better download speeds on the S25 using Trump Mobile than I did using my own Verizon plan on an S25 Plus. I pay way more for my Verizon service than the $51.99 that the Trump service costs. Side note: the plan’s official price is $47.45, which is a cute nod to Trump’s presidencies, albeit out of order presumably to charge a couple extra bucks. But when you add tax, you end up at $51.99.

As it is wont to, the Trump Organization has slapped its name on a product that was already well established — in this case, T-Mobile wireless service. To be fair, that’s basically how an MVNO works, so it’s not surprising that the network part of the product works quite well. Everything else, though, has been a little hit-and-miss. There was the case of my missing SIM card, which was not great. But the problem was resolved by some kind customer service folks, and once I had the card in hand, I was able to get service started on my own, by putting the card in my phone, logging into my account, and typing in some numbers in the right place.

But there are little red flags here and there suggesting that maybe Trump Mobile doesn’t have it all together. The hours given for the customer service line listed on the SIM kit I got differ from what’s on the website, which is different from the actual hours given when you call. The instructions on the SIM packaging tell you to go to TrumpMobile.com/activate, but that page throws a 404 error. The instructional video that tells you how to install a SIM card looks suspiciously AI-generated (and I swear to god that voice-over sounds like Dieter). It all feels slapped together and inconsistent. Icky, indeed.

Losing your phone can leave you in panic mode, especially when the battery dies. The good news is that both Apple and Android offer built-in tools that help you track a missing device even when it is powered off or offline.

With an iPhone, you can use the Find My network on another Apple device or sign in from a browser. With Android, you can use Google’s Find My Device system to see the last known location and secure your phone fast.

This guide walks you through clear steps for iPhone and Android so you know exactly what to do next.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

YOUR PHONE IS TRACKING YOU EVEN WHEN YOU THINK IT’S NOT

Does Find My work when your iPhone is dead?

Yes, it does. Your iPhone uses low power mode in the background so it stays findable for a period after powering off. If other Apple devices are nearby, your phone can still send out a Bluetooth signal that helps pinpoint the last known location.

You can check this location from any Apple device or a browser.

Use Find My from another Apple device

If you have an iPad, Mac, or another iPhone, you can look up your missing device in seconds. Family Sharing works too, so you can track a shared device even if it is offline. Here is how to do it:

• Open the Find My app
• Tap the Devices tab
• Swipe up to see your full list of devices
• Select your missing iPhone
• View the location on the map
• Tap Directions to navigate to it
• Tap Play Sound if the phone is on and nearby

• Turn on Lost Mode by tapping continue at the bottom of the screen to lock it and show a message with a callback number.
• Enter a phone number that can be used when someone finds your iPhone and wants to contact you. Then, tap Next. 
• If the screen icon is black, the phone is dead. You will still see the last known location, so you know where to start looking.

Find your iPhone from a web browser

If you only have access to a computer or an Android phone, use iCloud.com to locate your device. The browser version gives fewer tools, but it still shows your iPhone on the map. Follow these steps:

• Go to iCloud.com/find
• Sign in with your Apple ID
• Approve two-factor if needed

• Select All Devices
• Choose your missing iPhone

• Use Play Sound if the device is on
• Turn on Lost Mode to lock the phone

Use this method when you have no Apple hardware nearby.

Use the Help a Friend feature in Find My

If you need to borrow another person’s iPhone, avoid signing in to their device directly. That triggers security checks you cannot complete without your missing phone. Instead, use Help a Friend inside the Find My app:

• Open Find My on your friend’s iPhone
• Scroll to Help a Friend
• Sign in with your Apple ID
• View the last known location of your iPhone

This tool bypasses two-factor prompts so you can get your location without any issues.

Can you find an iPhone without Find My

If ‘Find My’ was never enabled, you must retrace your steps. You can check ‘Your Timeline’ in Google Maps if you use that app and have location history on.

Without ‘Find My,’ there is no way to remotely lock, track, or erase the device.

Once you recover your phone, turn on ‘Find My’ and enable ‘Send Last Location’ so you are covered next time.

Best iPhone settings to turn on before your device goes missing

Before your iPhone ever goes missing, take a minute to set up these key protections.

1) Turn on Find My iPhone

This keeps your device trackable whether it is on or off. Go to Settings, then tap your name, then click Find My, then Find My iPhone and enable it. 

2) Enable Send Last Location

Go to Settings, then tap your name, then click Find My, then Find My iPhone and scroll down and enable Sent Last Location. 

Your phone will save its final location before the battery dies.

3) Turn on Find My network

Go to Settings, tap your name, click Find My, then tap Find My iPhone and enable Find My network.
This keeps your iPhone discoverable through nearby Apple devices even when it is off or offline.

4) Keep two-factor authentication on

Go to Settings, tap your name, tap Sign-In & Security, select Two-Factor Authentication (2FA), then tap your iPhone and make sure 2FA is turned on.
This blocks anyone from accessing your Apple ID without approval.

5) Use a strong passcode

Go to Settings, then tap Face ID & Passcode, then enter your current passcode.
Tap Change Passcode and follow the prompts to set a unique passcode that is hard to guess.

6) Add a recovery contact

Go to Settings, tap your name, tap Sign-In & Security, then tap Recovery contacts. Then, click Add Recovery Contact. 
Add a trusted person as your recovery contact so you can verify your identity if you ever lose your iPhone. 

CAN’T FIND YOUR ANDROID PHONE? HERE’S WHAT TO DO TO TRACK IT DOWN

How to find an Android phone that is off or dead

Android users can also track a missing device using Google’s Find My Device system. While you cannot see live location when the phone is powered off, you can view the last known location, lock the phone, or display a message for anyone who finds it. Here is how to track it:

Find your Android from a browser

Settings may vary depending on your Android phone’s manufacturer.

• Go to android.com/find
• Sign in with your Google account
• Select your missing device
• View the last known location on the map
• Select Secure Device to lock it and display a callback message
• Select Play Sound if the phone is on and nearby

Find your Android from another phone

Settings may vary depending on your Android phone’s manufacturer.

• Download the Find My Device app on another Android
• Sign in with your Google account
• Tap your missing phone to view its last known location

If the phone is off or dead, the map will show its last saved location. You can still lock the device or leave a message for whoever finds it.

Best Android settings to turn on before your device goes missing

Before your Android phone ever goes missing, take a minute to set up these key protections.

Settings may vary depending on your Android phone’s manufacturer.

1) Turn on Find My Device

This lets you track your phone or lock it from any browser.
Go to Settings, tap Security & privacy, tap Find My Device or Device Finders and turn it on.
(Names may vary by manufacturer.)

2) Enable Location Services

This improves accuracy and helps Google save your phone’s last known location.
Go to Settings, tap Location and turn on Use Location.

3) Turn on Google Location History

This allows Google to show past locations even when your phone is off.
Go to Settings, tap Location, tap Location Services, then choose Google Location History or Google Location Sharing and turn it on.

4) Add a recovery phone number or email

This helps you verify your identity and recover your account fast.
Go to Settings, tap Google, tap Manage your Google Account, then open the Security tab and add a recovery phone number or email.

5) Use a strong screen lock

Choose a secure lock to keep your data safe.
Go to Settings, tap Security, then Screen lock, and select a PIN, pattern, or password that is hard to guess.

6) Turn on “Send last location” (If available)

Some Android models save the phone’s last known location before the battery dies.
Go to Settings, tap Security & privacy, tap Find My Device and enable Send last location if your device supports it.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: Cyberguy.com 

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Kurt’s key takeaways

A dead or powered-off phone does not have to stay lost. Apple’s Find My network and Google’s Find My Device system both give you a last known location and fast tools that help you lock or secure your phone. With the right settings in place before anything happens, you can recover your device sooner and protect your personal data.

What would you do first if your phone went missing today? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

Copyright 2025 CyberGuy.com. All rights reserved.