Suspected China-linked AI-assisted intrusion campaign targeting government and financial systems
Campaign
Summary
Hide ▲
Show ▼
A suspected China-linked intrusion campaign is using Anthropic Claude Code and DeepSeek to automate intrusions and credential harvesting across government and financial systems in Afghanistan, Thailand, Taiwan, and the U.S., widening the operation's reach.
Related Happenings
U.S. Scam Center Strike Force anti-fraud initiative
Public Sector Action
H score50
First: 04.06.2026 09:06
Last: 04.06.2026 09:06
Sources 1
About this happening:
The U.S. government continued Scam Center Strike Force, an ongoing anti-fraud initiative aimed at dismantling cyber-enabled fraud and pig butchering networks targe...
U.S. Scam Center Strike Force anti-fraud initiative
Public Sector ActionAbout this happening: The U.S. government continued Scam Center Strike Force, an ongoing anti-fraud initiative aimed at dismantling cyber-enabled fraud and pig butchering networks targe...
Shadow-Aether-040 AI-augmented campaign against Mexican government entities
Campaign
H score41
First: 13.05.2026 16:00
Last: 13.05.2026 16:00
Sources 1
About this happening:
The Shadow-Aether-040 campaign used AI agents and custom tooling to compromise six government entities in Mexico, increasing the risk of follow-on intrusion and data...
Shadow-Aether-040 AI-augmented campaign against Mexican government entities
CampaignAbout this happening: The Shadow-Aether-040 campaign used AI agents and custom tooling to compromise six government entities in Mexico, increasing the risk of follow-on intrusion and data...
Xu Zewei extradited for U.S. cyberespionage prosecution
Law Enforcement
H score57
First: 27.04.2026 22:56
Last: 27.04.2026 22:56
Sources 1
About this happening:
Xu Zewei was extradited from Italy to the United States to face criminal charges in a cyberespionage case tied to China's MSS. The move expands the legal exposure...
Xu Zewei extradited for U.S. cyberespionage prosecution
Law EnforcementAbout this happening: Xu Zewei was extradited from Italy to the United States to face criminal charges in a cyberespionage case tied to China's MSS. The move expands the legal exposure...
Growing US internet crime losses and complaints in 2025
Trend
H score52
First: 07.04.2026 15:00
Last: 07.04.2026 15:00
Sources 1
About this happening:
US internet crime victims saw losses rise above $17.7 billion in 2025, with over a million complaints to IC3 and cryptocurrency investment scams leading losses...
Growing US internet crime losses and complaints in 2025
TrendAbout this happening: US internet crime victims saw losses rise above $17.7 billion in 2025, with over a million complaints to IC3 and cryptocurrency investment scams leading losses...
AI-assisted hacktivist campaign targeting Mexican government agencies
Campaign
H score89
First: 06.03.2026 15:37
Last: 06.03.2026 15:37
Sources 1
About this happening:
A small group of hacktivists ran an AI-assisted intrusion campaign against at least nine Mexican government agencies, compromising systems over multiple months. Th...
AI-assisted hacktivist campaign targeting Mexican government agencies
CampaignAbout this happening: A small group of hacktivists ran an AI-assisted intrusion campaign against at least nine Mexican government agencies, compromising systems over multiple months. Th...
Timeline
-
16.07.2026 14:17 2 articles · 3h ago
Suspected China-linked threat actor automates intrusions with Claude Code and DeepSeek
Initial DisclosureResearchers observed a suspected China-linked threat actor using Anthropic Claude Code and DeepSeek models to automate intrusions against government and financial systems in Afghanistan, Thailand, Taiwan, and the U.S. The workflow reportedly used Claude Code as the execution engine for agentic tool use, bash command execution, session persistence, and task parallelization, while DeepSeek-v4-pro handled reasoning, attack logic, script generation, and decision-making; the operator also reworked exploits after failed attempts and built phishing pages to harvest credentials.
Show sources
- Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor — thehackernews.com — 16.07.2026 14:17
- Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor — thehackernews.com — 16.07.2026 14:17