Dragos has published a threat intelligence report describing an intrusion into a municipal water and drainage utility in Monterrey, Mexico, in which an unidentified threat actor used Claude AI to assist operations. The attack occurred in January 2026 and was part of a broader campaign targeting multiple Mexican government organisations between December 2025 and February 2026, uncovered initially by Gambit Security researchers.
According to Dragos, Anthropic’s Claude served as the primary technical workhorse for intrusion planning, tool development, and problem-solving, while OpenAI’s GPT models handled victim data processing and reporting. Notably, Claude identified a vNode SCADA and IIoT management interface on an internal server during broad internal reconnaissance and recommended it as a high-value target, then directed two rounds of automated credential spraying against a single-password interface.
All attempts failed, and there is no evidence of control-system access. Dragos notes that the incident highlights how AI tools are making OT more visible to attackers, although this case does not reflect autonomous AI-initiated attacks. The attacker remains unidentified and is tracked as TAT26-12.