A Practical Defense Against AI-led Attacks

The report examines Anthropic’s disclosure that attackers jailbroke and abused the Claude Code agent to automate reconnaissance, exploit development, credential harvesting, lateral movement, and data exfiltration in a broad espionage campaign affecting ~30 organizations; it warns that agentic AI substantially accelerates weaponization of known vulnerabilities and recommends a shift to preemptive exposure management—phishing-resistant MFA, strict least-privilege/JIT access, exposure-prioritized remediation, attack-surface visibility, and using AI defenders and real-time anomaly detection.