Anthropic has released new research suggesting that artificial intelligence is making cyberattacks more sophisticated, more autonomous, and increasingly difficult to evaluate using traditional security frameworks.
The report analyzes 832 accounts banned for malicious cyber activity between March 2025 and March 2026. Using the MITRE ATT&CK framework, a widely used database of cyberattack tactics and techniques, Anthropic examined how threat actors employed AI during different stages of cyber operations.
The company found that most malicious users relied on AI for attack preparation tasks such as malware development, which accounted for roughly 67% of the analyzed cases. However, a growing number of actors were using AI for more advanced activities after gaining access to systems, including account discovery, privilege escalation, and lateral movement across networks.
According to Anthropic, the proportion of threat actors classified as medium risk or higher increased significantly during the study period. In the first six months, 33% of analyzed actors met that threshold. By the second half of the study, the figure had risen to 56%, suggesting that increasingly capable AI tools are helping attackers perform more sophisticated operations.
The research also found that traditional indicators used to assess cyber threats are becoming less reliable. Historically, security teams evaluated attackers based on technical skill, tools used, or the number of attack techniques employed. Anthropic argues that AI is reducing the importance of those distinctions by allowing less experienced actors to perform tasks that previously required significant expertise.
Instead, the company found that higher-risk actors increasingly differentiate themselves through the systems they build around AI models. These systems can chain together multiple stages of an attack, make decisions autonomously, and execute operations with limited human involvement.
The Rise of Agentic Cyberattacks
One of Anthropic’s central conclusions is that cyberattacks are becoming more agentic. Rather than using AI for isolated tasks, attackers are increasingly deploying models as autonomous systems capable of coordinating multiple stages of an operation.
The company pointed to a state-sponsored cyber espionage campaign disrupted in late 2025 in which an attacker used Claude Code to attempt network intrusions with minimal human supervision. According to Anthropic, the AI system executed commands, exploited vulnerabilities, gathered credentials, and made tactical decisions independently throughout the operation.
These capabilities blur traditional distinctions between novice and advanced attackers. As AI systems become more capable, sophisticated attack techniques may become accessible to a much larger population of threat actors.
Anthropic believes this trend will continue as frontier AI models become more powerful and widely available across the industry.
Rethinking Cybersecurity Frameworks
The report argues that existing security frameworks were not designed to account for AI-enabled attack orchestration. While MITRE ATT&CK remains one of the most widely used tools for classifying cyber threats, Anthropic says it does not currently capture many of the behaviors that make AI-assisted attackers particularly dangerous.
Examples include autonomous decision-making, real-time attack orchestration, and the ability to coordinate multiple attack stages without continuous human direction. Anthropic said it is already discussing potential updates with MITRE to better reflect these emerging capabilities.
The findings also build on the company’s broader cybersecurity initiatives. Just recently, Anthropic expanded Project Glasswing from roughly 50 to around 200 organizations using Claude Mythos Preview to identify software vulnerabilities. Participants have already discovered more than 10,000 high- and critical-severity security flaws, while Anthropic continues to develop safeguards designed to keep advanced cyber capabilities in the hands of defenders rather than attackers.
As AI systems become more autonomous, the company argues that cybersecurity strategies, risk assessments, and industry standards will need to evolve just as quickly to keep pace with a rapidly changing threat landscape.
