Cybersecurity Snapshot: Agentic AI Security in Focus

Check out Anthropic's unvarnished description of how a brazen attacker maliciously used its Claude Code product. Plus, the CSA tackles IAM in agentic AI systems. In addition, cyber agencies issue a stark warning about the cyber espionage threat from China-backed APT groups. And get the latest on SBOMs, IoT security and secure software provisioning! Here are six things you need to know for the week ending August 29.

1 - Anthropic: Attacker turned Claude Code agentic AI tool into a master hacker

A wild story, even by the standards of the artificial intelligence world. AI vendor Anthropic this week detailed how a sophisticated cyber crook weaponized its Claude Code product to “an unprecedented degree” in a large-scale extortion and data-theft campaign.

Specifically, the attacker used this agentic AI coding tool to:

  • The incident, the company said, takes AI-assisted cybercrime to another level. “Agentic AI has been weaponized. AI models are now being used to perform sophisticated cyberattacks, not just advise on how to carry them out,” Anthropic wrote in a blog post.
  • By the time Anthropic shut down the attacker’s accounts, at least 17 organizations had been hit, including healthcare, emergency services, government and religious groups. “We have also developed a tailored classifier (an automated screening tool), and introduced a new detection method to help us discover activity like this as quickly as possible in the future,” Anthropic wrote.
  • The incident, which Anthropic labeled “vibe hacking,” is just one of 10 real-world use cases included in Anthropic’s “Threat Intelligence Report: August 2025” that detail abuses of the company’s AI tools. Anthropic said it hopes the report helps the broader AI security community boost its own defenses.

For more information about AI security, check out these Tenable Research blogs:

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

Salt Typhoon and Related China-Backed APT Attacks Against Critical Infrastructure

2 - CSA: Traditional IAM can’t handle agentic AI identity threats

What happens when you give these autonomous AI systems the keys to your organization’s digital identities? It’s a question that drove the Cloud Security Alliance (CSA) to come up with a proposal for how to better protect digital identities in agentic AI tools.

The CSA argues that traditional approaches for identity and access management (IAM) fall short when applied to agentic AI systems. “Unlike conventional IAM protocols designed for predictable human users and static applications, agentic AI systems operate autonomously, make dynamic decisions, and require fine-grained access controls that adapt in real-time,” the CSA paper reads.

The CSA proposes a new, adaptive IAM framework that pivots away from predefined roles and permissions and instead focuses on a continuous, context-aware approach. The framework is built on several core principles:

  • “We then propose a comprehensive framework built upon rich, verifiable Agent Identities (IDs), leveraging Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs), that encapsulate an agent's capabilities, provenance, behavioral scope, and security posture,” the paper reads.
  • Key components of the framework include an agent naming service (ANS) and a unified global session-management and policy-enforcement layer.
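To make the identity-centric model concrete, here is an added Python sketch. It is not the CSA's framework or any reference code: it stands in a signed JSON credential (HMAC with a shared issuer key) for a DID-anchored verifiable credential, and the function names (issue_credential, verify_credential, authorize), the claim fields and the context signals (rate, anomaly score, human approval) are assumptions for the demo. The point it shows is that every action re-checks the credential's signature, expiry, capabilities and behavioral scope together with live session context, rather than trusting a role assigned once.

```python
"""Context-aware authorization for an AI agent identity (added illustration).

Not the CSA's framework. A hypothetical credential format is assumed: a JSON
claims object signed with HMAC-SHA256 by an issuer key, standing in for a
DID-anchored Verifiable Credential. The key below is a constructed demo value.
"""
import hashlib
import hmac
import json
import time

ISSUER_KEY = b"constructed-issuer-key-for-demo-only"  # assumption, not a real secret


def issue_credential(agent_id, capabilities, scope, ttl_seconds, now=None):
    """Issue a short-lived credential encoding what the agent may do and where."""
    now = time.time() if now is None else now
    claims = {
        "sub": agent_id,
        "capabilities": sorted(capabilities),  # actions the agent is allowed to take
        "scope": sorted(scope),                # behavioral scope: allowed target prefixes
        "iat": now,
        "exp": now + ttl_seconds,
    }
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":"))
    sig = hmac.new(ISSUER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig}


def verify_credential(cred):
    """Return the claims if the signature is valid, else None."""
    expected = hmac.new(ISSUER_KEY, cred["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred["sig"]):
        return None
    return json.loads(cred["payload"])


def authorize(cred, action, target, context, now=None):
    """Decide one action. Returns (allowed, reason).

    Unlike a static role check, the decision is re-evaluated per action against
    the credential AND the current session context (hypothetical signal names).
    """
    now = time.time() if now is None else now
    claims = verify_credential(cred)
    if claims is None:
        return False, "bad signature"
    if now >= claims["exp"]:
        return False, "credential expired"
    if action not in claims["capabilities"]:
        return False, f"capability {action!r} not granted"
    if not any(target.startswith(prefix) for prefix in claims["scope"]):
        return False, f"target {target!r} outside behavioral scope"
    # Context-aware checks drawn from the session-management layer
    if context.get("actions_last_minute", 0) > context.get("rate_limit", 30):
        return False, "rate limit exceeded"
    if context.get("anomaly_score", 0.0) >= 0.8:
        return False, "session flagged anomalous"
    if action == "write" and not context.get("human_approved", False):
        return False, "write requires human approval"
    return True, "ok"


if __name__ == "__main__":
    cred = issue_credential("agent-42", ["read"], ["s3://team-bucket/"], ttl_seconds=600)
    print(authorize(cred, "read", "s3://team-bucket/report.csv", {}))
    print(authorize(cred, "read", "s3://other-bucket/x", {}))
    print(authorize(cred, "read", "s3://team-bucket/x", {"anomaly_score": 0.9}))
```

In a real deployment the HMAC would be replaced by the issuer's asymmetric signature resolvable through the agent's DID document, and the context signals would come from the session-management layer rather than a dictionary passed by the caller; the shape of the per-action decision is what carries over.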

For more information about IAM in AI systems:

Agentic AI Identity and Access Management: A New Approach

3 - Global alert: China-backed APTs hit critical infrastructure in cyber espionage campaign

Patch known exploited vulnerabilities. Adopt centralized logging. Secure your network’s edge devices.

Those are basic but essential steps that critical infrastructure organizations should take immediately to protect themselves against ongoing and global cyber attacks from advanced persistent threat (APT) attackers backed by the Chinese government (PRC).

So said multiple U.S. and international government agencies in the joint advisory “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System,” published this week.

“By exposing the tactics used by PRC state-sponsored actors and providing actionable guidance, we are helping organizations strengthen their defenses and protect the systems that underpin our national and economic security,” Madhu Gottumukkala, Acting Director of CISA, said in a statement.

4 - CISA tool aims to help orgs choose secure software

Buying new software is a security gamble. To improve the odds, CISA released a free interactive tool that walks organizations through a security checklist questionnaire before they buy.

The agency says it offers a simple way to vet a vendor's security practices, covering everything from supply chain integrity to vulnerability management.

5 - NIST tackles IoT security with categorization of IoT device behavior

How do you stop your internet-of-things (IoT) devices from going rogue? To help with that challenge, the U.S. National Institute of Standards and Technology (NIST) this week published guidance for capturing and documenting the network-communication behavior of IoT devices – an element that’s key for IoT cybersecurity.

“It enables the implementation of appropriate network access controls (e.g., firewall rules or access control lists) to protect the devices and the networks on which they are deployed,” reads the publication, titled “Methodology for Characterizing Network Behavior of Internet of Things Devices.”

6 - CISA seeks input on updated SBOM guidance

Software bills of materials (SBOMs) have long been considered a key element for securing the software supply chain, and tools and practices associated with these software “lists of ingredients” continue to improve and evolve.

Recognizing SBOM advancements, increased adoption and new use cases in recent years, CISA is circulating a draft update of its 2021 publication "Minimum Elements for a Software Bill of Materials (SBOM)" for public comment.

An SBOM lists all of the components that make up a piece of software, providing transparency into its makeup. That way, SBOMs help security teams quickly identify where in their environment they have, say, an open source component afflicted with a recently disclosed and critical vulnerability.
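The lookup just described, as an added Python example that is not CISA's tooling: it parses a constructed minimal CycloneDX-style SBOM, matches each component's package URL against a constructed advisory list with affected version ranges, and reports the vulnerable components. The component names, versions and advisory IDs (EXAMPLE-2025-...) are made up for the demo and do not refer to real packages or vulnerabilities.

```python
"""Match SBOM components against a vulnerability feed (added example).

Not CISA's tooling. The SBOM and the advisories are constructed for the demo;
the EXAMPLE-2025-* identifiers are placeholders, not real vulnerabilities.
"""
import json

# Constructed minimal CycloneDX-style SBOM
SBOM_JSON = """{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "log-helper", "version": "2.14.1",
     "purl": "pkg:maven/org.example/log-helper@2.14.1"},
    {"type": "library", "name": "yamlkit", "version": "5.4.0",
     "purl": "pkg:pypi/yamlkit@5.4.0?source=wheel"},
    {"type": "library", "name": "yamlkit", "version": "6.0.1",
     "purl": "pkg:pypi/yamlkit@6.0.1"}
  ]
}"""

# Constructed advisories keyed on the purl prefix (type/namespace/name);
# affected range is [introduced, fixed), mirroring the common "fixed in" convention.
ADVISORIES = [
    {"id": "EXAMPLE-2025-0001", "purl": "pkg:maven/org.example/log-helper",
     "introduced": "2.0.0", "fixed": "2.15.0", "severity": "critical"},
    {"id": "EXAMPLE-2025-0002", "purl": "pkg:pypi/yamlkit",
     "introduced": "0", "fixed": "6.0.0", "severity": "high"},
]


def parse_version(v):
    """Numeric dotted versions only; enough for the demo, not a full semver/PEP 440 parser."""
    return tuple(int(p) for p in v.split("."))


def split_purl(purl):
    """Return (purl without version/qualifiers, version) for pkg:type/ns/name@ver?q#s."""
    core = purl.split("?", 1)[0].split("#", 1)[0]  # drop qualifiers and subpath
    base, _, version = core.partition("@")
    return base, version


def find_vulnerable(sbom_json, advisories):
    """Return one hit per (component, advisory) whose version falls in the affected range."""
    sbom = json.loads(sbom_json)
    hits = []
    for comp in sbom.get("components", []):
        base, version = split_purl(comp["purl"])
        if not version:
            continue  # no version recorded: cannot assess, should be reported as a gap
        v = parse_version(version)
        for adv in advisories:
            if adv["purl"] != base:
                continue
            if parse_version(adv["introduced"]) <= v < parse_version(adv["fixed"]):
                hits.append({"component": comp["purl"], "advisory": adv["id"],
                             "severity": adv["severity"]})
    return hits


if __name__ == "__main__":
    for hit in find_vulnerable(SBOM_JSON, ADVISORIES):
        print(f'{hit["severity"]:<8} {hit["advisory"]}  {hit["component"]}')
```

The match works only because both sides agree on a canonical identifier (here the package URL); SBOMs that carry only a free-text name and version, or that omit versions for transitive components, are exactly the cases the minimum-elements guidance is meant to close, and in practice a scanner also needs a real version-comparison library for each ecosystem's versioning scheme.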
