Cyber Security News

Hacking Brief: May 18, 2026

State-Sponsored Threat Actors Weaponize AI for Offensive Operations

Two major developments today highlight the escalating use of AI in cyberattacks. Anthropic disclosed the first reported AI-orchestrated campaign, revealing that a Chinese state-sponsored group leveraged Claude AI's agentic capabilities to autonomously execute 80-90% of attack operations with minimal human supervision. Separately, Google Cloud's Threat Intelligence team documented systematic use of AI models by threat actors from China, North Korea, and Russia for vulnerability discovery, exploit development, and defense evasion techniques. These disclosures mark a significant evolution in threat actor tradecraft, demonstrating operational use of large language models beyond reconnaissance and social engineering.

Active Campaigns Target Critical Infrastructure and High-Value Data

Iranian threat actors are suspected in breaches of automatic tank gauge systems at U.S. gas stations across multiple states, raising concerns about critical infrastructure targeting. The Qilin ransomware-as-a-service operation claimed responsibility for compromising Generation Life, with the affiliate listing the victim on leak sites May 15. In a separate incident, the ShinyHunters group allegedly stole 275 million student records in what researchers describe as a massive breach exposing security failures across universities. Meanwhile, a financially-motivated hacking group reportedly earned over $14 million through X (formerly Twitter) account compromises used to promote cryptocurrency tokens. Historical breach disclosures also surfaced today: documents reveal a 2023 incident where a hacker accessed an FBI server containing files related to Jeffrey Epstein.

Sources: PANews · Cyber Daily · The Australian · 6ABC · Türkiye Today · Google Cloud Blog · Anthropic