Claude attacks were 'Rorschach test' for infosec community, scaring former NSA boss

Summary

RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a Rorschach test for the infosec community, according to former NSA cyber boss Rob Joyce. "There were people on one side who hated it," Joyce, who is now a venture partner at DataTribe, said during a Monday talk at RSAC. "They thought it was a meaningless distraction. There was another side who saw it as a significant insight into offensive operations." Joyce sits firmly in the latter camp. "I saw this as a really important set of insights – and something really scary." The Beijing-backed snoops considered a typical attack chain, broke it into small steps, then built a framework using agentic AI to carry out an intrusion attempt. The agents mapped attack surfaces, scanned target organizations' infrastructure, found vulnerabilities, and even researched and wrote exploitation code. Once they were inside networks, China’s bots found and abused valid credentials, escalated privileges, and moved laterally. In some cases, the agents even found and stole sensitive data. Machines don't get tired of reading code. They can review and review and review until they find that vulnerability "But the number one thing to me is: it worked. It freakin' worked," Joyce said. "It brought a set of tools, it went against real-world targets, and it won.” He fears that continuing improvements to LLMs, and the fact they’re now effectively modular so crooks can quickly update their AI tools, means automated attacks will improve "exponentially." Last year, in an interview with The Register, Joyce said AI will "soon" be a great exploit coder. On Monday, he told an audience of security experts and coders it’s already happened. The upside? Agentic AI systems’ ability to find zero-day vulnerabilities and develop exploits at machine speed can be a boon defenders, too. Projects like Google's Big Sleep, an AI agent that helps security researchers find zero-day flaws, have spotted several...