Your AI Tool Is Also the Adversary’s Tool.

Between December 2025 and February 2026, a single unknown attacker compromised nine Mexican government organizations and attempted to breach the operational technology environment of a municipal water utility serving the Monterrey metropolitan area.
Researchers at Gambit Security recovered the campaign materials. Dragos, an industrial cybersecurity firm, was brought in to assess the water-utility intrusion. Their joint finding: the attacker used Anthropic’s Claude and OpenAI’s GPT-4.1 as the operational center of the intrusion. Claude wrote the exploits. GPT processed the data and generated the Spanish-language output. The attacker sent more than 1,000 prompts to Claude over the course of the campaign.
The part worth pausing on is what the AI did without being told. After breaching the water utility’s enterprise network, the AI independently identified a server hosting an industrial control gateway, assessed it as a high-value target, researched vendor documentation, and launched password-spray attempts against it. The OT breach attempt failed. The autonomous pivot is the new thing.
What this means for a business owner: the AI tools your team is adopting to move faster are the same tools attackers are using to plan and rehearse intrusions against you. That is not a reason to stop using them. It is a reason to add them to what your security posture covers, the same way you cover the rest of your production software.
Three questions worth asking this week. What AI tools are people on your team using, and which are approved? What can the AI do that a person would otherwise have to ask permission to do? When the next AI tool update ships, who patches it?
The accountability gap is the vulnerability.
NexusTek is a CMMC Level 2 certified managed service provider serving small and mid-sized businesses across the United States.
