AI-Assisted State-Scale Cyber Espionage: Hacker Uses Claude Code + GPT-4.1 to Steal 150GB From Nine Mexican Government Agencies
For years, security researchers have warned that AI would eventually be weaponized at scale. In late 2025 and early 2026, it happened — quietly, methodically, and with a scope that should reframe how every security team thinks about AI-enabled threats. A single threat actor used Anthropic’s Claude Code and OpenAI’s GPT-4.1 to breach nine Mexican government agencies, exfiltrating approximately 150GB of data — hundreds of millions of citizen records — across a campaign that ran from late December 2025 through mid-February 2026. Confirmed reports emerged April 11, 2026, with investigators calling it one of the first confirmed cases of AI-assisted state-scale cyber espionage carried out by a single individual. ...