In September 2025 Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to run an autonomous espionage campaign against 30 global targets, with the agent handling 80β90% of tactical operations like reconnaissance, exploit development, and lateral movement. The greater danger is that compromised AI agents already inside enterprise environments bypass the traditional kill chain by carrying valid access, broad permissions, and normal workflows, creating a visibility gap that Recoβs agent discovery, access-mapping, and behavioral detection are designed to close. #Anthropic #OpenClaw #LUCR-3 #APT29 #Reco
Keypoints
- A state-sponsored actor used an AI coding agent to autonomously target 30 global victims in September 2025.
- AI agents can perform 80β90% of tactical actions themselves, reducing observable intrusion artifacts.
- Compromised agents with preexisting access and permissions can bypass the traditional kill chain entirely.
- Normal agent workflows across tools like Slack and Google Workspace make malicious activity hard to distinguish from legitimate behavior.
- Reco discovers AI agents, maps their access and blast radius, enforces least privilege, and detects anomalous agent activity in real time.
Read More: https://thehackernews.com/2026/03/the-kill-chain-is-obsolete-when-your-ai.html