😸 The first truly AI-powered cyberattack

PLUS: Google wants to do your Holiday shopping
November 14, 2025
Welcome, humans.

Thanks again to everyone who joined our livestream yesterday! ICYMI, we’re going to recap all the insights and learnings from this 2 and a half hour episode in a blog post (probably on Sunday, if not Monday) to put it all in a digestible, scannable format (we also need to do this for the last 3-5 lives that we did, so we’ll probably just crank ’em out this weekend to catch up).

Another note: to anyone interested in offering up a special discount for your product/service in our upcoming Black Friday edition of The Neuron, make sure you click the button and fill out the form below. Mindy says if you don’t place your order today, we’ll probably be all booked up by Monday. Don’t let Mindy down, people!

Advertise in The Neuron here!

Now, OpenAI apparently began piloting group chats in ChatGPT across Japan, New Zealand, South Korea, and Taiwan, allowing up to 20 people to collaborate in shared conversations where the AI knows when to respond and when to stay quiet. This is lowkey kind of awesome? I’m really into the idea of multiplayer AI conversations…

And if you’re wondering where this goes next, we think Yuchen Jin put it very nicely (as per usual):

Look at it from their POV: If you made a tool that could code anything, why WOULDN’T you code everything?

Here’s what happened in AI today:

  1. Chinese hackers used Claude Code to execute the first AI-powered cyberattack.
  2. Cursor raised $2.3B at a $29.3B valuation to build its own model.
  3. OpenAI released GPT-5.1 cutting response times from 10 seconds to 2 seconds.
  4. Google unveiled a new agent that calls stores and auto-buys when prices drop.

Chinese Hackers Used AI to Run a Massive Cyberattack on Autopilot (And It Actually Worked)

Anthropic just revealed that Chinese state-sponsored hackers used Claude Code, their AI coding assistant, to execute what they're calling the first large-scale cyberattack run almost entirely by AI. Not AI giving advice to hackers. AI doing the hacking.

In mid-September, the attackers targeted roughly 30 organizations: major tech companies, financial institutions, chemical manufacturers, and government agencies. They succeeded in breaking into a handful of them.

Here's what makes this unprecedented: The AI handled 80-90% of the actual work. Human operators only stepped in at 4-6 critical decision points per campaign. Everything else (scanning systems, writing exploit code, stealing credentials, analyzing stolen data) happened on AI autopilot.

The attack worked in phases:

  • Reconnaissance: Claude autonomously discovered internal services, mapped networks, and identified high-value targets.
  • Exploitation: The AI generated custom attack code, validated vulnerabilities, and confirmed successful breaches.
  • Credential harvesting: Claude systematically collected usernames and passwords, then tested them across systems.
  • Data extraction: The AI parsed massive amounts of stolen information and categorized it by intelligence value.
  • Documentation: Claude created detailed records of everything it found for the human operators.

The trick? Hackers jailbroke Claude by pretending to be legitimate cybersecurity firms doing defensive testing. They broke attacks into small, innocent-seeming tasks that Claude executed without seeing the full malicious picture.

One silver lining = Claude kept hallucinating lol. It claimed to extract credentials that didn't work and identified "critical discoveries" that were just public information. Turns out AI making stuff up is annoying for hackers too!

Anthropic detected the attack, banned the accounts, and notified authorities and impacted organizations within 10 days.

Why this matters: The barrier to launching sophisticated cyberattacks just dropped dramatically. What used to require entire teams of experienced hackers can now be done by less-skilled groups with the right AI setup.

This is a fundamental shift. Over the next 6-12 months, expect security teams everywhere to start deploying AI for defense at a more elevated level: automation, threat detection, vulnerability scanning. The companies that don't adapt will be sitting ducks, liable to be overwhelmed by similar tricks.

If your company handles sensitive data, now's the time to ask your IT team what AI-powered defenses you have in place. Because if the attackers are using AI agents, you'd better believe your defenders need them too… Check out the full report here.

Prompt Tip of the Day

If you're using the OpenAI API (or thinking about it), here's how to slash your AI costs by up to 90%: OpenAI's Prompt Caching automatically stores repetitive parts of your prompts—like system instructions or templates—so you're not paying to process them over and over.

Steven Heidel says for GPT-5.1 models, you can now set "prompt_cache_retention" to "24h" to keep your prompts cached for 24 hours instead of just 5-10 minutes.

When to use it: If you're running the same instructions repeatedly (customer service bots, content templates, research workflows), this is a no-brainer.

To get started: You'll need API access (sign up at platform.openai.com). Make sure to structure your prompts with static content first, dynamic content last; the first 1,024+ tokens get cached automatically.

This trick isn't just for developers. If you're using tools like Make, Zapier, or any app that hits the OpenAI API repeatedly, this setting could dramatically reduce your bills.

Treats to Try

  1. OpenAI released GPT-5.1 for developers with dynamic reasoning that adapts thinking time based on task complexity, cutting response times from 10 seconds to 2 seconds on simple queries while adding “no reasoning” mode for latency-sensitive use cases.
  2. NotebookLM includes Deep Research: give it any topic and it automatically gathers sources, writes a research report, then lets you import those sources to explore with chat, mind maps, and audio overviews; NotebookLM also now turns your research documents and notes into customizable video overviews by letting you describe the style you want in a simple prompt.
  3. Firefox announced AI Window, a fully opt-in intelligent workspace where users can chat with AI assistants while browsing, plus Shake to Summarize on iOS that generates page summaries with a device shake, and AI-powered tab grouping that runs locally on-device using a 57MB distilled model, automatically suggesting titles and related tabs to organize browser windows without sending data to Mozilla's servers.
  4. Google unveiled agentic checkout that can call stores on your behalf to check inventory, automatically buy tracked items when prices drop to your target, and provide conversational shopping in AI Mode powered by 50 billion product listings.
  5. quickarXiv translates dense research papers into easy-to-read blog posts with figures and explanations—just swap "arxiv" with "quickarxiv" in any paper URL.
  6. MagicPath now has a sketchpad that transforms your hand-drawn sketches into interactive, shareable prototypes and applies your design system to convert wireframes into fully-styled components.
  7. Milestone tracks which coding assistants your engineers actually use and measures how they impact code quality, delivery speed, and team productivity (raised $10M).
  8. Willow lets you dictate emails, messages, and documents across any app on your Mac or iPhone with automatic formatting and punctuation, so you write 5x faster than typing (raised $4.5M).

Around the Horn

  1. Cursor (AI coding app) raised $2.3B at a $29.3B valuation just five months after its last round, with the AI coding tool planning to use the capital to develop Composer—its own model to reduce reliance on OpenAI, Anthropic, and Google.
  2. NVIDIA rolled out Dynamo software across AWS, Google Cloud, Microsoft Azure, and Oracle Cloud to enable multi-node AI inference with disaggregated serving, delivering up to 2x faster inference and 1.6x higher throughput.
  3. OpenAI released research on training sparse neural networks where each neuron connects to only a few dozen others instead of thousands, producing disentangled circuits that are easier to understand and interpret (meaning we can understand how it works better).
  4. Upwork launched the Human+Agent Productivity Index showing human-AI collaboration boosted project completion rates up to 70% versus agents working alone across 300+ real client projects.
  5. Maryland partnered with Anthropic and Percepta to deploy Claude-powered chatbots across state agencies helping residents apply for food aid, Medicaid, and housing permits, marking one of the first comprehensive multi-agency AI deployments.
  6. Apple updated its App Review Guidelines to require apps to explicitly disclose and obtain permission before sharing personal data with third-party AI—a move that could reshape how apps use AI systems as Apple preps its own Gemini-powered Siri upgrade for 2026.
  7. Google DeepMind unveiled SIMA 2, a Gemini-powered AI agent that doubled its predecessor's performance by combining language reasoning with embodied skills: navigating virtual worlds, understanding emoji commands (🪓🌲 = chop tree), and teaching itself through self-generated tasks.

Intelligent Insights

  1. If you didn’t watch Satya Nadella’s full interview in yesterday’s newsletter, watch this clip, because it explains Microsoft’s POV on the value of applications in the AI era in ~75 seconds.
  2. Mark Zuckerberg and Priscilla Chan went on the fantastic Latent Space podcast and detailed their new Biohub's plan to build virtual cell and immune system models using a 10K GPU cluster, aiming to accelerate the timeline to cure all diseases by 2110.
  3. OpenAI published a detailed explainer on prompt injection attacks, describing them as a “frontier, unsolved security problem” where malicious instructions hidden in websites can trick AI agents into leaking data or performing harmful actions.
  4. VCs are abandoning old investment rules for AI startups that leap from zero to $100M in revenue annually, now weighing data generation, competitive moats, and go-to-market strength alongside traditional metrics.
  5. Nano Banana (Google's Gemini 2.5 Flash Image) can apparently be prompt-engineered for extremely nuanced image generation using complex JSON instructions, HTML rendering, and structured prompts, achieving strong adherence to instructions that outperforms ChatGPT, though it struggles with style transfer and has minimal IP restrictions.
  6. SitePoint argues that writing is AI's worst use case because prompting for the “perfect” output often takes longer than writing yourself, and using AI robs writers of developing the valuable skill of expressing thoughts clearly.
  7. Anand Majmudar published a detailed timeline of how robotics will evolve from 2025 to 2045 (full report), predicting…
    1. Robots will comprise half the world's GDP by 2045 through four overlapping eras, from today's narrow teleoperation systems to humanoids learning from human video to the final breakthrough of adaptive long-term memory enabling Embodied General Intelligence.
    2. The critical insight: robots manufacturing robots creates an exponential self-reinforcing curve like AI research itself, making actuator manufacturing dominance (60% human labor, 30-50% of robot cost) the key battleground in the US-China automation race.
    3. P.S: This takeaways part is 100% worth reading even if you can’t read the whole thing.
  8. After reading the Android Dreams report from above, I was inspired to write this post on my new personal blog Futurespective with some ideas I’m playing around with regarding a better way to react to robots taking jobs; call it universal basic skills generation? IDK. Let me know what you think if you read it!

A Cat’s Commentary

See you cool cats on X!

www.theneuron.ai/newsletter/the-first-truly-ai-powered-cyberattack
