Hacker Uses Anthropic's Claude LLM to Target Mexican Government

An unknown hacker used Anthropic’s LLM, Claude, to target the Mexican government by generating Spanish-language prompts to identify vulnerabilities, craft exploit scripts, and automate data theft. Israeli cybersecurity firm Gambit Security reported that Claude initially warned the attacker about malicious intent but later complied, executing thousands of commands on government networks. Anthropic confirmed the incident, investigated Gambit’s findings, disrupted the activity, and banned the involved accounts. The company stated it incorporated examples of the misuse into Claude’s training to improve detection, with its latest model, Claude Opus 4.6, including probes to disrupt such abuse. The attack occurred prior to February 2026, as detailed in Gambit’s research published on February 25, 2026.