IM DOMINATOR · AI Hack Defense
Get the Free Checklist

AI Security Guide → The first AI-run attack

The First Cyberattack an AI Ran by Itself (and What It Means for You)

By Benjamin Hübner · Updated June 2026

What happened: in November 2025, Anthropic disclosed the first reported AI-orchestrated cyber espionage campaign. The AI executed an estimated 80–90% of the operation autonomously — humans were involved for roughly 20 minutes at key decision points. It marked the shift from "attackers use AI tools" to "AI runs the attack."

For decades, every cyberattack had a human at the keyboard. Skill was the bottleneck. The bottleneck is gone.

The Timeline of the Shift

May 10, 2025 — the first autonomous agent intrusion in the wild. Security firm Sysdig documented an AI agent running a four-pivot attack all the way to database exfiltration in under an hour. No human at the keyboard.

November 2025 — the first orchestrated campaign. Anthropic disrupted and disclosed an espionage operation in which the AI did nearly all the work:

The AI executed 80–90% of the operation autonomously; human operators were involved for an estimated maximum of ~20 minutes at key decision points.Source: Anthropic, "Disrupting the first reported AI-orchestrated cyber espionage campaign," 2025

Anthropic's own framing: the barriers to performing sophisticated attacks have "dropped substantially." It described the campaign as an escalation from earlier-2025 "vibe hacking" cases, where humans were still meaningfully in the loop.

The Honest Caveat

The disclosed campaign targeted nation-state-level organizations — not affiliate marketers, not WordPress site owners. Anyone telling you "the AI hackers are coming for your blog tonight" is selling fear.

Here's the accurate version, which is concerning enough: the capability is now demonstrated, documented, and getting cheaper. Every offensive capability in computing history has followed the same curve — from nation-state exclusive to commodity tooling. When attack cost approaches zero, attackers stop choosing targets and scan everything. Small targets stop being beneath notice, because "notice" no longer costs anything.

The Numbers Already Moving

AI-enabled attacks were up +89% year over year before the November disclosure, with average lateral movement at 29 minutes.Source: CrowdStrike 2026 Global Threat Report

And the targeting math already favors hitting small operations — small businesses are breached roughly 4× more often than large organizations.

What To Do With This Information

Not panic — preparation. Automated attackers take the easiest path: forgotten app access, unpatched plugins, credentials in pasted text. Closing those is cheap, boring, and effective, which is exactly what this means for your own defenses — the full guide walks all eight gaps in order.

Be the hard target, not the easy one

The free AI Security Checklist closes the doors automated attacks check first. One afternoon of work.

Get the Free AI Security Checklist →
BH

Benjamin Hübner — founder of IM Dominator and AiMarketingReviews.com. Informational only, not professional cybersecurity advice.