BBS:      TELESC.NET.BR
Subject:  Nine Mexican government agencies targeted by AI tools
From:     Mike Powell
Date:     Tue, 14 Apr 2026 07:52:16 -0500
-----------------------------------------------------------
Hackers use Claude and ChatGPT in 'a significant evolution in offensive 
capability' to breach government agencies, leak hundreds of millions of 
citizen records

Date:
Mon, 13 Apr 2026 14:20:00 +0000

Description:
Nine Mexican government agencies targeted by a single attacker with two AI 
tools.

FULL STORY
Big enterprises might soon get Claude Mythos to patch security holes in their
software, but new research claims hackers are doing just fine with Claude
Cowork.

A report from security researchers Gambit claims a single threat actor 
targeted nine government agencies in Mexico, using Claude Code and GPT-4.1 
extensively, both during planning and execution, before making off with 
hundreds of millions of citizen records. The campaign ran from late December 
2025 through mid-February 2026, during which time roughly 75% of all remote 
command execution (RCE) activity was generated - and executed - by Claude 
Code. Furthermore, the attacker used a custom 17,550-line Python tool to pipe 
harvested server data through OpenAI's API. This generated 2,597 structured 
intelligence reports across 305 internal servers.
 
Compressed attack timelines

During the post-mortem, Gambit
said it uncovered more than 400 custom attack scripts, as well as 20 tailored 
exploits targeting 20 different CVEs. The attacker was using Generative 
Artificial Intelligence to find which vulnerabilities to exploit, and to 
generate the exploit code. 

During the attack, the threat actor made more than 1,000 prompts, through 
which they generated more than 5,300 AI-executed commands in 34 sessions on 
live victim infrastructure. 

Using AI in cybercrime is nothing new. However, this attack is a testament to 
what the cybersecurity industry has been warning of for years now - AI is 
speeding attacks up, and defenders who don't deploy the same technology stand 
no chance at all.

The campaign compressed attack timelines below standard detection and 
response windows, Gambit said.

It transformed raw reconnaissance data from hundreds of servers into 
structured intelligence, thus enabling a single operator to process volumes 
that would normally require a team. It turned unfamiliar systems into mapped 
targets and tailored exploits in hours, not days. 

Gambit's researchers concluded that this AI-assisted method represents a 
significant evolution in offensive capability, which could have been avoided 
through standard security controls such as patching, credential rotation, 
network segmentation, and endpoint detection.

Link to news story:
https://www.techradar.com/pro/security/hackers-use-claude-and-chatgpt-in-a-significant-evolution-in-offensive-capability-to-breach-government-agencies-leak-hundreds-of-millions-of-citizen-records

--- MultiMail/DOS
 * Origin: Capitol City Hub (1:2320/105)
