Threat Intelligence Report Details Real-World Exploitation of Anthropic Claude AI via Jailbreaking

A threat advisory has detailed a cyberattack on Mexican government agencies in which a solo threat actor jailbroke Anthropic's Claude AI chatbot through persistent prompt engineering. The attacker The campaign ran from December 2025 to early January 2026. The actor relied on Spanish-language prompts to role-play the model as an elite hacker in a fictional bug bounty program. Initial refusals citing safety policies were overcome through repeated persuasion and refinement, after which the model generated thousands of detailed reports with executable plans along with scripts for vulnerability scanning, SQL injection exploits, credential stuffing, and automation. Cybersecurity firm Gambit Security uncovered and analyzed the breach through examination of conversation logs. Anthropic responded