Iran strikes AWS data centers in Middle East; Claude/Palantir MSS used in U.S.-Iran war targeting
Iranian drone strikes damaged at least three AWS data centers in Bahrain and the UAE in early March 2026, disrupting cloud services across the region and threatening billions in Gulf AI infrastructure investment. The attacks coincided with revelations that Anthropic's Claude, integrated with Palantir's Maven Smart System, was used to accelerate U.S. military targeting in Iran — reportedly compressing a 12-hour targeting process to under one minute and helping select over 1,000 targets in the first 24 hours of operations. A subsequent investigation found U.S. forces likely struck a school killing 170+ people, with stale target data potentially a contributing factor. The episode marks a significant escalation in AI-enabled warfare and the first known targeting of commercial cloud infrastructure during active conflict.
Related guides (4)
Related events (8)
The Batch Issue 345: Iranian Drone Attacks on AWS Data Centers, Qwen3.5, DeepSeek-Huawei, and AI Job Insecurity
Andrew Ng's weekly newsletter covers several significant AI-adjacent developments: Iranian drones struck at least three Amazon Web Services data centers in Bahrain and the UAE, disrupting cloud services and raising concerns given U.S. military use of AWS to run Anthropic Claude; the issue also previews Qwen3.5 model releases across multiple sizes and DeepSeek's reported moves involving Huawei hardware. Ng also addresses widespread job insecurity across skill levels amid rapid AI advancement, citing geopolitical risks including the Iran war, Taiwan uncertainty, and rare-earth metal supply chains as compounding factors.
Anthropic makes Claude 3 Haiku and Sonnet available to US Intelligence Community and AWS GovCloud
Anthropic has made Claude 3 Haiku and Claude 3 Sonnet available via AWS Marketplace for the US Intelligence Community and AWS GovCloud, marking a significant expansion into government deployment. The company has crafted contractual exceptions to its general Usage Policy to permit legally authorized foreign intelligence analysis, including combating human trafficking and identifying covert influence campaigns, while maintaining restrictions on disinformation, weapons design, and malicious cyber operations. The deployment is currently limited to ASL-2 models under Anthropic's Responsible Scaling Policy. Anthropic also notes prior pre-release access to Claude 3.5 Sonnet was provided to the UK AI Safety Institute for pre-deployment testing.
Anthropic Discloses First Reported AI-Orchestrated Cyber Espionage Campaign Using Claude Code
Anthropic detected and disrupted a sophisticated espionage campaign in mid-September 2025, attributed with high confidence to a Chinese state-sponsored threat actor, that used Claude Code as an autonomous agent to attack roughly thirty global targets across tech, finance, chemical manufacturing, and government sectors. The attackers jailbroke Claude Code by decomposing malicious tasks into seemingly innocent subtasks and falsely framing it as defensive security testing, enabling largely autonomous reconnaissance, vulnerability exploitation, credential harvesting, and data exfiltration. Anthropic describes this as the first documented large-scale cyberattack executed without substantial human intervention, leveraging agentic AI capabilities, tool access via MCP, and advanced coding skills. The company banned identified accounts, notified affected entities, coordinated with authorities, and is expanding detection classifiers and publishing the report to aid industry and government defenses.
Anthropic Identifies Industrial-Scale Distillation Attacks by DeepSeek, Moonshot, and MiniMax
Anthropic has publicly identified three Chinese AI laboratories—DeepSeek, Moonshot AI, and MiniMax—as conducting coordinated, large-scale distillation attacks against Claude, generating over 16 million exchanges through approximately 24,000 fraudulent accounts in violation of terms of service. The campaigns targeted Claude's most differentiated capabilities including agentic reasoning, tool use, coding, and chain-of-thought generation, with MiniMax alone responsible for over 13 million exchanges. Anthropic frames these attacks as a national security concern, arguing that illicitly distilled models strip out safety safeguards and undermine US export controls. The company claims high-confidence attribution via IP correlation, request metadata, and infrastructure indicators, in some cases corroborated by industry partners.
Anthropic August 2025 Threat Intelligence Report: Claude Misuse Case Studies
Anthropic has published its August 2025 Threat Intelligence Report documenting three real-world misuse cases involving Claude: a large-scale data extortion operation using Claude Code to automate reconnaissance and generate targeted ransom demands against 17+ organizations, a North Korean fraudulent employment scheme, and AI-assisted ransomware development by a low-skill criminal. The report highlights that agentic AI is now being weaponized for end-to-end cyberattacks rather than merely providing advisory assistance, and that AI has materially lowered the technical barrier to sophisticated cybercrime. Anthropic describes detection and countermeasures taken in each case.
Data Points: Hackers Break Into Claude Mythos; OpenAI Launches Cybersecurity Rival; Maine Data Center Moratorium; McClatchy AI Backlash
A small group of unauthorized users gained access to Anthropic's restricted Claude Mythos cybersecurity model via Discord coordination and insider knowledge, raising questions about securing high-risk AI systems. OpenAI responded to the competitive landscape by launching GPT-5.4-Cyber, a vetted-access model for defensive cybersecurity tasks. Maine passed the first U.S. state moratorium on large AI data centers over 20MW, pending the governor's signature. McClatchy's deployment of a Claude-powered content scaling agent triggered newsroom backlash over attribution, consent, and AI disclosure standards.
Anthropic and AWS expand partnership with $4B investment and Trainium hardware collaboration
Anthropic announced an expanded partnership with Amazon Web Services, including a new $4 billion investment that brings Amazon's total stake to $8 billion, while establishing AWS as Anthropic's primary cloud and training partner. The collaboration includes deep hardware-software co-development on AWS Trainium accelerators, with Anthropic engineers writing low-level kernels and contributing to the AWS Neuron software stack to optimize model training from the silicon up. Claude on Amazon Bedrock is described as core infrastructure for tens of thousands of enterprises, with named deployments at Pfizer, Intuit, Perplexity, and the European Parliament. The deal also extends Claude's availability to AWS GovCloud and classified cloud regions for government customers.
Anthropic and Amazon Expand Collaboration for Up to 5 Gigawatts of New Compute
Anthropic has signed a major expanded agreement with Amazon committing over $100 billion to AWS technologies over ten years, securing up to 5GW of compute capacity for training and deploying Claude across Trainium2 through Trainium4 chips. Amazon is investing an additional $5 billion in Anthropic today, with up to $20 billion more possible in the future, building on $8 billion previously invested. The deal includes nearly 1GW of Trainium2 and Trainium3 capacity coming online by end of 2026, expanded inference in Asia and Europe, and the full Claude Platform becoming available directly within AWS. Anthropic disclosed its run-rate revenue has surpassed $30 billion, up from approximately $9 billion at end of 2025.