US artificial intelligence (AI) company Anthropic says its technology has been “weaponised” by hackers to carry out sophisticated cyber attacks.

Anthropic, which makes the chatbot Claude, says its tools were used by hackers “to commit large-scale theft and extortion of personal data”.

The firm said its AI was used to help write code which carried out cyber-attacks, while in another case, North Korean scammers used Claude to fraudulently get remote jobs at top US companies.

Anthropic says it was able to disrupt the threat actors and has reported the cases to the authorities along with improving its detection tools.

Using AI to help write code has increased in popularity as the tech becomes more capable and accessible.

Anthropic says it detected a case of so-called “vibe hacking”, where its AI was used to write code which could hack into at least 17 different organisations, including government bodies.

It said the hackers “used AI to what we believe is an unprecedented degree”.

They used Claude to “make both tactical and strategic decisions, such as deciding which data to exfiltrate, and how to craft psychologically targeted extortion demands”.

It even suggested ransom amounts for the victims.

Agentic AI – where the tech operates autonomously – has been touted as the next big step in the space.

But these examples show some of the risks powerful tools pose to potential victims of cyber-crime.

The use of AI means “the time required to exploit cybersecurity vulnerabilities is shrinking rapidly”, said Alina Timofeeva, an adviser on cyber-crime and AI.

“Detection and mitigation must shift towards being proactive and preventative, not reactive after harm is done,” she said.

But it is not just cyber-crime that the tech is being used for.

Anthropic said “North Korean operatives” used its models to create fake profiles to apply for remote jobs at US Fortune 500 tech companies.

The use of remote jobs to gain access to companies’ systems has been known about for a while, but Anthropic says using AI in the fraud scheme is “a fundamentally new phase for these employment scams”.

It said AI was used to write job applications, and once the fraudsters were employed, it was used to help translate messages and write code.

Often, North Korean workers are “are sealed off from the outside world, culturally and technically, making it harder for them to pull off this subterfuge,” said Geoff White, co-presenter of the BBC podcast The Lazarus Heist.

“Agentic AI can help them leap over those barriers, allowing them to get hired,” he said.

“Their new employer is then in breach of international sanctions by unwittingly paying a North Korean.”

But he said AI “isn’t currently creating entirely new crimewaves” and “a lot of ransomware intrusions still happen thanks to tried-and-tested tricks like sending phishing emails and hunting for software vulnerabilities”.

“Organisations need to understand that AI is a repository of confidential information that requires protection, just like any other form of storage system,” said Nivedita Murthy, senior security consultant at cyber-security firm Black Duck.

CHESTERFIELD COUNTY, Va. — Two teachers were recently arrested on child pornography charges, prompting local child safety experts to encourage parents to have difficult but necessary conversations with their children about abuse prevention.

“The violation of one of my children’s safety is like the number one, two and three worst nightmare for any parent and so I think it’s perfectly understandable that parent would panic,” said Bob Nickles with Child Savers, a local nonprofit that uses prevention and intervention models to address children’s mental health and help them recover from different kinds of trauma.

But the conversations parents and guardians have with kids and teens don’t have to be overwhelming, according to Nickles.

“An incident like this in the community, as unfortunate as it is, is a great excuse or opportunity to start that conversation with your young person,” Nickles said.

Nickles said often times parents find conversations about safety and sexual assault uncomfortable. However he says avoiding those interactions with children can result in instances of abuse being harder to recognize. He believes one of the best ways to prevent it is by parents having age-appropriate conversations as early as possible.

“So with really young children, I encourage parents to talk about body parts with the anatomical term, have clear family rules and expectations about your bathing suit areas. No one should be touching you in these areas except your mom or dad or doctor if your mom and dad is there with you. That’s a normal expectation for a lot of families,” Nickles said. “As our kids get older I want to make sure that our parents are talking to them directly about sex, dating, internet safety and asking and recruiting our young people to bring their questions to the parent so that they don’t feel like they have to go to Google or A.I. or even their peers who may know even less than they do.”

In this case, Nickles said transparency is key. While privacy is encouraged, secrets are not.

“Secrets are often make it really difficult for kids to understand when they can ask for help and what they can talk about. So for a lot of families, I encouraged them to have a ‘no secrets’ policy. You can have privacy at certain times, but especially for our young kids. We talk about having privacy is a good thing, having secrets is a liability,” Nickles said.

Nickles said in instances of abuse, it’s also important to teach kids and remind adults about personal and private boundaries and what to say and do if they’re crossed.

“One thing they can do is to practice paying attention to, ‘Stop, I don’t like that,’ and to practice ‘Stop, I don’t like that,’ skills as a family,” Nickles said. “Which is a way to set a boundary. So for example, if tickling or horse-playing is happening between a parent and a child and a child says, ‘Stop, I don’t like that,’ we just stop. That’s easy, that’s practicing the skill that they may need in a safety situation.”

Nickles says modeling ‘Stop, I don’t like,’ is beneficial for children as young as three and as old as 13 as a way to develop those defensive skills early so that they know how to set boundaries, tell a trusted adult if they are targeted, and not feel pressured to keep secrets that could make them vulnerable.

Nickles says the vat majority of adults in the school system are their to be a positive influence on the students they interact with. While protecting children should always be the top priority the nonprofit says it is crucial that adults hold themselves accountable as well and that they speak up when they notice something wrong.

“Sometimes we can focus on making sure are children are ready to keep themselves safe, but this is a grown up problem. The kids didn’t cause this problem this is an us problem,” Nickles said. ” We create a culture in which adults don’t talk to each other about certain topics like sexuality, they don’t talk to each other about safety, adults aren’t supporting each other in parenting roles, adults are necessarily getting involved in their schools and getting to know their educators.

Most importantly, Nickles said fostering an environment where it’s OK to speak up is key so that if something happens to your child, their peers or someone else you know, you can say something without any fear of judgment.

“There are a lot of parenting tasks that are uncomfortable, but it doesn’t mean we don’t do those things. And so lean in and it’ll be uncomfortable for a moment and then you’ll build on that relationship,” Nickles said. “Our staff is comfortable working with parents and its not difficult to learn how to have those conversations.”

If you would like to learn more information about how to approach these sensitive topics with your child, Nickles recommends using local resources like:

“At the end of the day we want our kids to know that they count, we want them to know how to have healthy connections with people, we want them to be capable and we wont them to have courage. We call that the “Four C’s,'” Nickles said. “Anytime we can pour our miracle grow on those four attributes and role model those for our kids, then they are going to grow to be better decision makers, because at the end of the day a lot of our kids are going to be parenting their own kids in the future.”

CBS 6 is committed to sharing community voices on this important topic. Email your thoughts to the CBS 6 Newsroom.

📲: CONNECT WITH US

Blue Sky | Facebook | Instagram | X | Threads | TikTok | YouTube

This story was initially reported by a journalist and has been converted to this platform with the assistance of AI. Our editorial team verifies all reporting on all platforms for fairness and accuracy. To learn more about how we use AI in our newsroom, click here.

A sweeping ransomware cyberattack has caused several state-run agencies in Nevada to shut down, with officials saying some data was taken out of the state’s network by “malicious actors.”

The widespread attack Sunday shuttered the Department of Motor Vehicles, the Nevada Department of Public Safety, keeping those agencies and several others closed into Thursday, 2 News Nevada reported. The cyberattack also took down the website and phone lines for the Nevada Gaming Control Board, which regulates gaming in the famous Vegas Strip, according to The Nevada Independent.

While state leaders initially believed no personal data had been stolen in the attack, they admitted Wednesday that some may have been taken.

“I must disclose that our ongoing forensic investigation has found evidence that indicates some data has been exfiltrated, or moved outside the state network, by the malicious actors,” said Tim Galluzi, the executive director of the Governor’s Technology Office.

open image in gallery

“At this stage, we cannot yet identify or classify the specific nature of this data,” he added, according to CBS News.

The Nevada government’s website was still offline as Thursday morning.

Governor Joe Lombardo’s office continues to provide updates on the attack, though much remained unclear Thursday, including the scope of the breach, what caused it or any suspects. The impacts of the attack are widespread, affecting the portal that allows residents to apply for Medicaid, SNAP and other benefit programs and also causing difficulties for some law enforcement agencies.

In Nye County, law enforcement officials are keeping track of deputies using pen and paper, Sheriff Joe McGill told Fox 5 Vegas.

“It is greatly affecting us every day… anything that is interfacing to the state is down.. So, we cannot run driver’s licenses, we cannot run license plates. We cannot run people for warrants,” McGill said.

“We are very much ham-stringed…We had to go over to our jail and go around and scan everybody’s wristband to create our own paper database on an Excel sheet so that we knew who’s in our jail,” McGill added.

While phone calls to 911 are going through, dispatchers aren’t able to access the computer systems used to track the information.

open image in gallery

“The dispatchers are having to take as brief of notes as they possibly can in handwriting on a piece of paper… they’re having to keep track on another piece of paper of where their units are… It absolutely is an officer safety issue… Our CAD system, our Computer Aided Dispatch system… shows the GPS location based on the computer in the car. We don’t have that right now. More often than not, that’s simply a convenience. But if somebody were to come on the air and scream, ‘I need help’, they don’t know where they are,” McGill said.

According to the report, not all police departments were impacted, and some still have fully operational computer systems.

Despite the disruptions, Lombardo said all state employees will be paid on time.

Nevadans should be wary of “unsolicited calls, emails or texts” exploiting the situation by asking for “personal information or payments,” Lombardo’s office added.

No timeline has been given for full restoration. The FBI is investigating the attack.

The FBI and Dutch police today said that they seized two domains and a blog tied to VerifTools, an international criminal marketplace that sold identity documents for as little as $9.

VerifTools was one of the largest online shops for fake driver’s licenses, passports, and other forms of ID. With these documents, criminals can assume new identities, get hired by tech companies in fake IT worker scams, or pull off digital identity and bank help-desk fraud. Teens can also use fake IDs to trick sales clerks into selling them alcohol, we’re told.

On August 27, the Rotterdam Police Cybercrime Team seized data from the VerifTools website’s servers at a data center in Amsterdam, according to the Dutch police, while the FBI pulled the platform offline.

VerifTools home page now – Click to enlarge

“The removal of this marketplace is a major step in protecting the public from fraud and identity theft crime,” Acting Special Agent in Charge Philip Russell of the FBI Albuquerque Field Office said in announcing the seizure.

The FBI began investigating VerifTools in August 2022 after discovering a conspiracy to use stolen identity information to access cryptocurrency accounts, according to the feds. 

During the probe, undercover cops used the marketplace to generate and purchase counterfeit New Mexico driver’s licenses, which they paid for with cryptocurrency. Investigators ultimately determined that the marketplace sold fake ID documents for all 50 US states and multiple foreign countries.

The FBI identified the equivalent of about $6.4 million of illicit proceeds linked to VerifTools.

At the Amsterdam data center, Dutch police seized two physical servers and more than 21 virtual servers. “Police will further examine the data on the servers and determine whether the administrator and users can be identified,” the Rotterdam Police said.

In the Netherlands, forgery, false identification, and deploying counterfeit payment instruments each carry a maximum prison sentence of six years. ®

Our deep appreciation to Security BSides – San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon – certainly a venue like no other; and via the organization’s YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF ‘Work With Us’ page, in which, the appropriate information is to be had!

Nevada state officials confirmed Wednesday night that the “security incident” that was detected on Sunday was a ransomware attack, and that while the investigation is still ongoing, it appears the perpetrators stole state data.

During a press conference Wednesday evening, Nevada Chief Information Officer Timothy Galluzi shared more details about the cyberattack. While the forensic investigation is still ongoing, Galluzi shared that it has revealed evidence that some state data has been exfiltrated from the state’s system without authorization. He said it is unclear what type of data was stolen.

“I need to be very clear on the next point. At this stage of our intensive investigation, we cannot yet identify or classify the specific nature of this data. The process of analyzing the information to determine exactly what was taken is complex, methodical and time consuming,” he said. “Speculation on the data that was affected before we have any definitive proof would be irresponsible.”

Galluzi said the state’s data center operations team first detected anomalous activity on its server on Sunday morning, and the state immediately activated its cybersecurity incident response plan. This included, he said, isolating certain systems and taking them offline to prevent further intrusion on the state’s systems. This containment process, Galluzi said, caused several of the state’s web assets to go dark — including the state’s main website, NV.gov, along with many agency sites and online services — which he acknowledged has caused ample problems across the state’s operations.

“Our goal is to restore full functionality as soon as possible, but we have a duty to do so safely and securely,” he said, adding that while several of the assets are still offline, the state must ensure the threat is “eradicated” before bringing them back online.

Galluzi said the state was receiving support from federal cyber partners, and the Cybersecurity and Infrastructure Security Agency confirmed as much, sharing Wednesday it was assisting the state in restoring networks for lifesaving and critical services and helping to rebuild its systems.

As of Thursday, no cyber threat actor had claimed responsibility for the ransomware attack.

“Should we determine that any sensitive personal information of our citizens was compromised, we are prepared to follow the appropriate steps,” Galluzi continued.

Credit scoring and monitoring biz TransUnion says that it recently suffered a breach affecting nearly 4.5 million individuals.

Readers may notice the irony of a credit monitoring company, whose services are so often given “free of charge” to victims of data breaches in order to “secure” their identity and credit score, being popped itself.

According to a filing made by TransUnion’s in-house counsel to the Office of the Maine Attorney General, a recent attack on a third-party application compromised the personal data of 4,461,511 people.

In the template letter due to be sent this week, TransUnion did not specify the types of data accessed, but said that personal information was exposed to attackers who targeted the third-party app used by consumer support staff.

This usually entails basic information such as names, home and email addresses, and phone numbers. In some cases, it can also include passport, driver’s license, and national identity card details.

The company confirmed that neither credit reports nor core credit data was affected, and that the exposed information “was limited to specific data elements.”

“TransUnion takes the protection of personal information seriously, which is why we engage in robust, proactive security measures,” its letter to consumers read. “We continue to enhance our security controls as appropriate to minimize the risk of any similar incident in the future.”

According to the Maine filing, the attack occurred on July 28 and TransUnion discovered it two days later.

The Register asked TransUnion which third-party application led to the breach, whether it was connected to the recent breaches at Salesforce customers, what types of data were compromised, and whether the data was stolen.

The company told us: “TransUnion recently experienced a cyber incident that affected a third-party application serving our US consumer support operations. Upon discovery, we quickly contained the issue, which did not involve our core credit database or include credit reports.

“The incident involved unauthorized access to limited personal information for a very small percentage of US consumers. We are working with law enforcement and have engaged third party cybersecurity experts for an independent forensics review.”

It’s not just Salesforce customers lining up to confess to third-party breaches. Verizon’s most recent Data Breach Investigations Report (DBIR) noted that between 2023 and 2024, reports of data snafus involving third parties had doubled as attackers increasingly target supply chains.

And here’s the kicker. As ever with data breach disclosures, the victim company almost always offers affected individuals credit monitoring services and fraud support. It’s no different in this TransUnion case, which is providing its own cleanup services to breach victims.

TransUnion will supply credit monitoring for 24 months, via myTrueIdentity Online, and fraud assistance will be coming from Cyberscout, a TransUnion-owned company.

The Register asked TransUnion for additional information, and we’ll update the story if it responds. ®

After considering shifting oversight of school safety agents to the office of Chief of Department John Chell, the NYPD is instead placing the division under the office of first deputy commissioner Tania Kinsella, department officials and a department source said. 

The decision was finalized after THE CITY reported last week, based on multiple sources, that the department was moving the agents under Chief of Department John Chell.

The school safety division is currently under the Community Affairs Bureau, and the department’s initial plan to move it under Chell — who has been an architect of some of the department’s more aggressive policing tactics in recent years, including a surge in vehicle pursuits — drew criticism within hours.

The arrest of a Greenacres man accused of trying to meet a 13-year-old girl for sex has experts reminding parents of the importance of monitoring what their children do online.

Robin Blanchard, 45, was arrested Friday by Boynton Beach police.

“He willingly came with one purpose: to have sex with a 13-year-old,” said Sgt. Astrel Labbe of the Boynton Beach police.

According to the police report, Blanchard made contact with someone he thought was a young girl on the social media app Kik.

But the “girl” was actually a Boynton Beach police officer, and when Blanchard showed up at the Inn at Boynton Beach Friday to have sex with the girl, he was arrested.

“This is happening every day, everywhere across our country and across the world,” said Greg Schiller, CEO of the Child Rescue Coalition.

The Child Rescue Coalition is a nonprofit organization that provides technology to law enforcement to help them track down child predators.

“These predators are everywhere,” Schiller said. “If our children are in an app, a website, or a game, the predators know that. And they will be there, too.”

Schiller said it’s vital for parents to not just monitor what their kids are doing online, but to also talk to them frequently about the dangers.

“Talk to them about online grooming. Talk to them about sextortion. Talk to them about sexting,” Schiller said. “Let them know that these things go on.”

And let them know how quickly those things can happen.

According to Boynton Beach police, it only took Blanchard two days to go from first contact with the 13-year-old girl to meeting for sex.

Schiller said parents must constantly be vigilant.

“Unfortunately, we don’t live in a safe world when it comes to predators online,” Schiller said. “And those predators, if given the opportunity, will harm in real life.”

Blanchard faces five different charges, including using a computer to seduce, solicit, or lure a child.

His bond was set at $40,000.

The latest: WPBF 25 News coverage on Politics

The latest: Entertainment coverage from WPBF 25 News

Follow: Interactive traffic map