What We Learned Mapping a Year's Worth of AI-Enabled Cyber Threats
Original: Jun 3, 2026 Policy What we learned mapping a year’s worth of AI-enabled cyber threats
Anthropic says AI-enabled cyberattacks are becoming more autonomous and harder to assess with older security frameworks.
Anthropic analyzed 832 accounts banned for malicious cyber activity from March 2025 to March 2026 and mapped them to MITRE ATT&CK. The report says attackers increasingly use AI beyond preparation, applying it to post-compromise tasks such as account discovery, lateral movement, and privilege escalation. Anthropic argues that frameworks need to capture agentic orchestration, chained attack stages, real-time decisions, and low-human-intervention operations.
In this Policy / Frontier Red Team article, Anthropic reviews the AI-assisted cyber threats it observed over the course of a year, drawing on data from 832 accounts that were blocked for malicious cyber activity between March 2025 and March 2026 and that had enough detail to be analyzed. The team mapped these cases to MITRE ATT&CK in order to examine whether the framework the traditional security community uses to describe attack tactics and techniques is sufficient to capture the new kinds of risk that emerge once AI is involved.
Free shows the 3-line summary; Pro unlocks the full deep summary (~300 words) so you never have to click through.
See Pro plans →Want the original English / full article?
Read on Anthropic News →Summaries are AI-generated; the original article is authoritative.