Anthropic Claude Code automating APT hacks, KnownSec leak, Chinese buses with remote access

Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.

Three Buddy Problem - Episode 72: We unpack Anthropic’s conflicting self-promotion around the “first AI-orchestrated cyberattack” using Claude Code and the future of automated APT attacks.

Plus, Chinese cyber vendor KnownSec falls victim to data breach, fresh accusations that the U.S. stole billions in Bitcoin, Amazon warning about Cisco/Citrix zero-days, Google’s new Private AI Compute and Microsoft kernel zero-day marked as "actively exploited."

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Transcript (unedited, AI-generated)
• Material Security case studies
• TLPBLACK
• Anthropic: Disrupting the first reported AI-orchestrated cyber espionage campaign
• Anthropic report on AI-orchestreated APT campaign ()DF)
• Data breach at Chinese infosec firm reveals weapons arsenal
• Twitter thread on KnownSec breach details
• China Accuses US of Orchestrating $13 Billion Bitcoin Hack
• CISA finds federal agencies missing critical (exploited) vulns
• Amazon discovers APT exploiting Cisco and Citrix zero-days
• Amazon launches private AI bug bounty program
• Amazon Nova
• Microsoft Warns of Exploited Windows Kernel Zero-Day
• Google intros Private AI Compute tech
• Google paper on Private AI Computer (PDF)
• OpenAI CISO on NYTimes request for ChatGPT conversations
• UK transport and cyber-security chiefs investigate Chinese-made buses
• Ruter pen-tests Chinese electric buses
• DistrictCon
• CYBERWARCON
• DefCamp 2025