AI-assisted hacktivist campaign targeting Mexican government agencies
Campaign
Summary
Hide ▲
Show ▼
A small group of hacktivists ran an AI-assisted intrusion campaign against at least nine Mexican government agencies, compromising systems over multiple months. The operation used Anthropic's Claude and OpenAI's ChatGPT to help bypass defenses, identify assets, and build attack tooling. The campaign reportedly focused on stealing sensitive government data and left backdoors behind, indicating persistent access. The breadth and duration of the activity make it a coordinated operation rather than a one-off intrusion.
Related Happenings
Shadow-Aether-040 AI-augmented campaign against Mexican government entities
Campaign
First: 13.05.2026 16:00
Last: 13.05.2026 16:00
Sources 1
About this happening:
The **Shadow-Aether-040** campaign used **AI agents** and custom tooling to compromise **six government entities in Mexico**, increasing the risk of follow-on intrusion and **data...
Shadow-Aether-040 AI-augmented campaign against Mexican government entities
CampaignAbout this happening: The **Shadow-Aether-040** campaign used **AI agents** and custom tooling to compromise **six government entities in Mexico**, increasing the risk of follow-on intrusion and **data...
Google GTIG analysis of adversary AI use for exploit development and attack orchestration
Technical Analysis
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
**Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...
Google GTIG analysis of adversary AI use for exploit development and attack orchestration
Technical AnalysisAbout this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...
Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign
Campaign
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...
Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign
CampaignAbout this happening: An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...
China-nexus agentic tools attack campaign targeting Japanese technology and East Asian cybersecurity organizations
Campaign
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
A **China-nexus actor** used **agentic tools** in a targeted attack against a **Japanese technology firm** and an **East Asian cybersecurity platform**, showing how AI-driven orch...
China-nexus agentic tools attack campaign targeting Japanese technology and East Asian cybersecurity organizations
CampaignAbout this happening: A **China-nexus actor** used **agentic tools** in a targeted attack against a **Japanese technology firm** and an **East Asian cybersecurity platform**, showing how AI-driven orch...
OpenAI expands Trusted Access for Cyber to government cyber defenders
Security Tool/Service
First: 04.05.2026 11:00
Last: 04.05.2026 11:00
Sources 1
About this happening:
**OpenAI** expanded its **Trusted Access for Cyber (TAC)** program to **federal, state, and local governments**, broadening a defender-access system for cyber response and critica...
OpenAI expands Trusted Access for Cyber to government cyber defenders
Security Tool/ServiceAbout this happening: **OpenAI** expanded its **Trusted Access for Cyber (TAC)** program to **federal, state, and local governments**, broadening a defender-access system for cyber response and critica...
Timeline
-
06.03.2026 15:37 2 articles · 2mo ago
Public disclosure of an AI-assisted campaign against Mexican government agencies
Initial DisclosureGambit Security publicly described a small group of hacktivists that used Anthropic's Claude and OpenAI's ChatGPT to compromise at least nine Mexican government agencies, including Mexico’s tax authority, and steal more than 195 million identities and tax records plus more than 2.2 million property records. The company said the actors had access since at least December, stayed inside the environment for more than a month, left backdoors, and focused on collecting sensitive information, while Mexico authorities had not publicly confirmed the compromise.
Show sources
- Cyberattack on Mexico's Gov't Agencies Highlight AI Threat — www.darkreading.com — 06.03.2026 15:37
- Cyberattack on Mexico's Gov't Agencies Highlight AI Threat — www.darkreading.com — 06.03.2026 15:37