🛡 Hackers Use Claude and Codex for Cyberattacks
OALABS researchers presented a report on real-world attacks in which Claude (Anthropic) and Codex (OpenAI) were used as autonomous agents. Attackers used AI to automate reconnaissance, exploit vulnerabilities (including CVE-2025-5777 and CVE-2021-4034), and manage data exfiltration, bypassing defenses through social engineering methods.
🌍 The incident demonstrates the transition to Agentic Hacking, in which the AI acts as a fully autonomous operator. This significantly lowers the barrier to entry for hackers and requires revising defense methods for LLM agents.
👤 Standard defense methods, such as keyword blocking, are ineffective against role-playing (persona priming). Attacks are becoming faster and more scalable.