AI Models Enable Unprecedented Cyberattacks, Raising Global Security Concerns

The article explicitly mentions AI systems (Anthropic's Mythos and Claude models, among others) being used to carry out cyberattacks that have resulted in harm, such as hacking over 600 devices and stealing sensitive government data. This constitutes direct involvement of AI in causing harm to property and communities through cybersecurity breaches. The presence of actual attacks and data theft confirms realized harm rather than just potential risk. Hence, this qualifies as an AI Incident under the framework, as the AI systems' use has directly led to significant harm.

The article clearly identifies AI systems being used in real cyberattacks that have resulted in data breaches and unauthorized access to devices worldwide, fulfilling the criteria for an AI Incident. The harms are direct and realized, including data leaks and compromised security of critical infrastructure. While it also discusses potential future threats and defensive uses of AI, the presence of actual attacks and harm places this event firmly as an AI Incident rather than a hazard or complementary information.

The article explicitly mentions AI systems (Anthropic's Mythos, Claude, DeepSeek) being used to carry out cyberattacks that have already caused harm, such as hacking over 600 devices and stealing sensitive government data. The AI systems' use directly contributes to violations of security and privacy, which fall under harm to communities and potentially violations of rights. The involvement of AI in these attacks is clear and the harms are realized, not just potential. Hence, this qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly mentions AI systems (Anthropic's Mythos model and OpenAI's upcoming models) and their potential use in cyberattacks, which could lead to significant harm if realized. However, the article does not report any actual cyberattacks or harms that have already occurred due to these AI systems. Therefore, the event describes a plausible future risk rather than a realized incident. This fits the definition of an AI Hazard, as it involves the plausible potential for AI-driven harm in cybersecurity.

The article explicitly involves AI systems—advanced AI models and autonomous AI agents used for cyber offense. It discusses the use and potential misuse of these AI systems to exploit software vulnerabilities, which could lead to significant harms including disruption of critical infrastructure and harm to communities. Although no actual harm has yet occurred or been reported in this article, the warnings and expert opinions establish a credible and plausible risk of future AI-driven cyberattacks that could overwhelm defenses and cause harm. This fits the definition of an AI Hazard, as the development and use of these AI systems could plausibly lead to AI Incidents. The article does not describe a realized harm or incident, so it is not an AI Incident. It is not merely complementary information because the main focus is on the emerging risk and potential harm, not on responses or updates to past events. It is not unrelated because the AI system involvement and potential harm are central to the article.

The article explicitly mentions AI systems (Anthropic's Mythos, OpenAI models, Claude, DeepSeek) being used to conduct or enable cyberattacks that have already occurred, such as hacking devices and stealing sensitive government data. These attacks represent realized harm caused directly or indirectly by AI systems' use. The involvement of AI in these incidents is clear and central to the harm described. Hence, this qualifies as an AI Incident due to the direct link between AI use and realized cybersecurity harms.