Skip to content
Tech News
← Back to articles

Mexican government breached by solo user with Claude, 150 GB exfiltrated

2026-05-18 | original
read original more articles
Why This Matters

The integration of AI into cybersecurity has lowered the barriers for attackers, enabling even amateurs to execute sophisticated attacks with minimal cost and expertise. This shift emphasizes the need for the industry and consumers to adapt to a landscape where traditional vulnerabilities are exploited more efficiently, making cybersecurity vigilance more critical than ever.

Key Takeaways

AI did not invent new attacks. It billed the old ones monthly. Crypto is the only place we can count it, and the early signals are in.

AI did not invent any new attacks or any new economic vulnerabilities. It did one thing: it dropped the cost and knowledge requirements for attackers by orders of magnitude, and made the execution possible by anyone with a subscription and malicious intent. Just in 2025, the news covered AI attacks that hit the Mexican government [1], seventeen healthcare and emergency services organizations [2], and eighty-five ransomware victims of one amateur in Algeria [2]. It is also happening in crypto today. And crypto is the only place we will be able to count it.

AI evens the playing field

Most coverage of AI in security right now picks one of two frames.

Utopian - better audits, fewer bugs, safer code.

Apocalyptic - autonomous superhackers finding novel zero-days that nobody has ever seen.

Both frames miss what is actually happening. Frontier models in 2026 are producing the same kinds of findings as the static analyzers we have had for a decade. They just produce more of them, faster, at a lower marginal human cost. Daniel Stenberg, the curl maintainer who recently put one of the most hyped frontier models on his own codebase, said: “the AI tools find the usual and established kind of errors we already know about. It just finds new instances of them” [3].

The attack catalogue itself is the same one we have been losing money to since 2021 and before mass AI adoption. Oracle manipulation. Governance capture. Flash-loan-driven economic exploitation. Social engineering. Credential harvesting. Classic web vulnerabilities. AI did not add a single line item. What it reduced is the labor needed to operate any of them. An elite Solidity auditor could costs about $25,000 per engineer-week [4]. Call it $500 an hour, per their own procurement benchmarks. The same surface coverage on a frontier model runs about $1.22 per contract on average in API tokens, per Anthropic’s own published figures, and the per-exploit token cost is falling roughly 22% every model generation, or about every two months [5]. The skill required to spot a flash-loan governance attack has not gone down. The cost to run one has.

AI did not break the floor. The floor was never knowledge. The floor was always a price tag on attacker labor, and now the price is a subscription. AI did not democratize hacking. It just billed it monthly.

Random people, real hacks, this year

... continue reading

Explore topics: mexican government claude ai attacks ransomware crypto
Related:
Massive Crypto ATM Company Bitcoin Depot Is Shutting Down as the Whole Industry Collapses
SandboxAQ brings its drug discovery models to Claude — no PhD in computing required
Cloud attacks are getting faster and deadlier - 4 ways to secure your business
5 ways to fortify your network against the new speed of AI attacks
Iran starts Bitcoin-backed ship insurance for Hormuz strait

© 2026 GoKawiil

About | Editorial Policy | Contact