Detecting and countering misuse of AI: August 2025. Anthropic
Executive summary. Threat Intelligence Report: August 2025
We have developed sophisticated safety and security measures to prevent the misuse of our AI models. While these measures are generally effective, cybercriminals and other malicious actors continually attempt to find ways around them. This report details several recent examples of how Claude has been misused, along with the steps we’ve taken to detect and counter their abuse. This represents the work of Threat Intelligence: a dedicated team at Anthropic finds deeply investigated sophisticated real world cases of misuse and works with the rest of the Safeguards organization to improve our defenses against such cases. While specific to Claude, the case studies presented below likely reflect consistent patterns of behaviour across all frontier AI models. Collectively, they show how threat actors are adapting their operations to exploit today’s most advanced AI capabilities:
- Agentic AI systems are being weaponized: AI models are themselves being used to perform sophisticated cyberattacks – not just advising on how to carry them out.
- AI lowers the barriers to sophisticated cybercrime. Actors with few technical skills have used AI to conduct complex operations, like developing ransomware, that would previously have required years of training.
- Cybercriminals are embedding AI throughout their operations. This includes victim profiling, automated service delivery, and in operations that affect tens of thousands of users.
- AI is being used for all stages of fraud operations. Fraudulent actors use AI for tasks like analyzing stolen data, stealing credit card information, and creating false identities.
We’re discussing these incidents publicly in order to contribute to the work of the broader AI safety and security community, and help those in industry, government, and the wider research community strengthen their own defences against the abuse of AI systems. We plan to continue releasing reports like this regularly, and to be transparent about the threats we find.