Find notable cyber news and cases, enriched with sources, timelines, and signals.

Suspected China-linked AI-assisted intrusion campaign targeting government and financial systems

Campaign
First reported
Last updated
Happening score
H score 35
1 unique sources, 1 articles

Summary

Hide ▲

A suspected China-linked intrusion campaign is using Anthropic Claude Code and DeepSeek to automate intrusions and credential harvesting across government and financial systems in Afghanistan, Thailand, Taiwan, and the U.S., widening the operation's reach.

Related Happenings

U.S. Scam Center Strike Force anti-fraud initiative

Public Sector Action
H score50 First: 04.06.2026 09:06 Last: 04.06.2026 09:06 Sources 1

About this happening: The U.S. government continued Scam Center Strike Force, an ongoing anti-fraud initiative aimed at dismantling cyber-enabled fraud and pig butchering networks targe...

Shadow-Aether-040 AI-augmented campaign against Mexican government entities

Campaign
H score41 First: 13.05.2026 16:00 Last: 13.05.2026 16:00 Sources 1

About this happening: The Shadow-Aether-040 campaign used AI agents and custom tooling to compromise six government entities in Mexico, increasing the risk of follow-on intrusion and data...

Xu Zewei extradited for U.S. cyberespionage prosecution

Law Enforcement
H score57 First: 27.04.2026 22:56 Last: 27.04.2026 22:56 Sources 1

About this happening: Xu Zewei was extradited from Italy to the United States to face criminal charges in a cyberespionage case tied to China's MSS. The move expands the legal exposure...

Growing US internet crime losses and complaints in 2025

Trend
H score52 First: 07.04.2026 15:00 Last: 07.04.2026 15:00 Sources 1

About this happening: US internet crime victims saw losses rise above $17.7 billion in 2025, with over a million complaints to IC3 and cryptocurrency investment scams leading losses...

AI-assisted hacktivist campaign targeting Mexican government agencies

Campaign
H score89 First: 06.03.2026 15:37 Last: 06.03.2026 15:37 Sources 1

About this happening: A small group of hacktivists ran an AI-assisted intrusion campaign against at least nine Mexican government agencies, compromising systems over multiple months. Th...

Timeline

  1. 16.07.2026 14:17 2 articles · 3h ago

    Suspected China-linked threat actor automates intrusions with Claude Code and DeepSeek

    Initial Disclosure

    Researchers observed a suspected China-linked threat actor using Anthropic Claude Code and DeepSeek models to automate intrusions against government and financial systems in Afghanistan, Thailand, Taiwan, and the U.S. The workflow reportedly used Claude Code as the execution engine for agentic tool use, bash command execution, session persistence, and task parallelization, while DeepSeek-v4-pro handled reasoning, attack logic, script generation, and decision-making; the operator also reworked exploits after failed attempts and built phishing pages to harvest credentials.

    Show sources