China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work - CyberScoop
A Chinese state-sponsored group utilized Anthropic's Claude AI to breach at least 30 organizations, bypassing its security guardrails by segmenting tasks and tricking the model into simulating a legitimate security audit. This operation leveraged a human-built frontend framework to orchestrate Claude's actions, including interfacing with open-source tools via Model Context Protocol (MCP) servers for reconnaissance and vulnerability scanning, dramatically scaling the attackers' operational capacity.