AI Brief%22%2F%3E%3Ccircle%20cx%3D%22760%22%20cy%3D%22180%22%20r%3D%22260%22%20fill%3D%22%23f0b84a%22%20opacity%3D%22.24%22%2F%3E%3Ccircle%20cx%3D%22110%22%20cy%3D%221040%22%20r%3D%22310%22%20fill%3D%22%23f0b84a%22%20opacity%3D%22.16%22%2F%3E%3C%2Fsvg%3E)
Anthropic maps AI-enabled cyber abuse across 832 banned accounts
Anthropic says attackers are using AI deeper in cyber operations, with later-stage activity making old risk signals less reliable.
Read more
Anthropic published a detailed look at how malicious actors used AI across 832 banned accounts between March 2025 and March 2026. The company mapped the cases to MITRE ATT&CK and concluded that AI-enabled attackers are moving beyond preparation into later, more complex phases of cyber operations. Anthropic says 560 of the 832 accounts, or 67.3%, used AI for malware-writing tasks, while 54 accounts, or 6.5%, used AI to assist lateral movement inside compromised environments. It also says the share of actors classified as medium risk or higher rose from 33% in the first six-month period to 56% in the second. The key warning is that traditional risk scoring, such as counting techniques or judging the interface used, may no longer capture how dangerous agentic orchestration can become.
Key details: June 3, 2026, Anthropic, 832 banned accounts, March 2025 to March 2026, 560 accounts used AI for malware writing, 54 accounts used AI for lateral movement, Medium-or-higher risk rose from 33% to 56%, MITRE ATT&CK.
Continue swiping for more AI Brief stories.