OpenAI and Anthropic LLMs Involved in Cyber-Attack on Mexican Water Utility
Cybersecurity researchers at Dragos have reported that commercial large language models (LLMs) from OpenAI and Anthropic were used in a cyber-attack targeting a municipal water and drainage utility provider in Mexico. The attack, which occurred between December 2025 and February 2026, involved a significant compromise of the utility's IT environment, escalating into an attempted breach of its operational infrastructure (OT). The attackers utilized Anthropic's Claude AI and OpenAI's GPT models to plan and execute the campaign, employing AI-generated malicious scripts as offensive tools. Despite the breach of the OT system being ultimately unsuccessful, the incident highlights the potential for commercial AI tools to be exploited by adversaries with no prior experience in targeting OT environments. 
