Anthropic published an analysis of 832 banned accounts linked to malicious cyber activity between March 2025 and March 2026. The part that stood out to me was not just “AI helps phishing.” That is already obvious. The more serious point is that AI is starting to help lower skill actors perform post compromise work that usually required more experience, like account discovery, lateral movement, credential dumping, web shell deployment, and attack planning. Anthropic also said the higher risk cases were not always about the number of techniques used, but how attackers used AI agents to orchestrate them. That feels like the real shift. Prompt by prompt abuse is one thing. Agent assisted cyber activity is different because the model can help chain steps, decide pivots, and keep the operation moving. Interested in knowing how people here think Anthropic should handle this without over restricting legitimate security research. Where is the line between useful cyber assistance and enabling abuse? submitted by /u/sunychoudhary
Originally posted by u/sunychoudhary on r/ClaudeCode