Cybernews reported on May 29 that cloud security firm Sysdig published details of an intrusion in which it believes an AI agent made real-time decisions as it carried out the attack.
The report said the attackers broke in through a vulnerability in an exposed Marimo notebook and then collected cloud access keys and database credentials. Using the stolen credentials, they obtained an SSH key stored in AWS Secrets Manager and accessed internal servers. Within 2 minutes of connecting to an SSH bastion host, they extracted the internal database’s structure and contents. The entire process, from the Marimo notebook intrusion to dumping an internal Postgres database, was completed within 1 hour.
Sysdig research chief Michael Clarke said multiple indicators in his analysis suggest that an AI agent was involved.
The attacker dumped database tables whose existence had not been confirmed, based only on their table names. Command logs included a planning note in Chinese that read, "Let’s see what else we can do next." Clarke said, "Prebuilt scripts do not have this kind of internal monologue inside," and added, "Leaving a memo like this while maintaining SSH sessions from 6 different IPs at intervals of less than 1 second is not a human but an AI orchestrator."
He also cited the way command output was organized to be easy for another system to read as evidence of AI involvement.
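The session-timing indicator Clarke describes can be checked against a bastion host's own login records. The following is an added detection example, not code from Sysdig or the report: it reads the quote as accepted SSH logins spaced under 1 second apart from at least 6 distinct source IPs, and it assumes sshd log lines with high-precision ISO 8601 timestamps (traditional syslog timestamps only resolve to one second). The host name, users, addresses and log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log (not from the report); addresses are documentation ranges.
SAMPLE_LOG = """\
2025-01-01T09:12:03.000000+00:00 bastion sshd[4001]: Accepted publickey for alice from 203.0.113.5 port 40112 ssh2
2025-01-01T10:00:00.100000+00:00 bastion sshd[4101]: Accepted publickey for deploy from 198.51.100.10 port 50122 ssh2
2025-01-01T10:00:00.400000+00:00 bastion sshd[4102]: Accepted publickey for deploy from 198.51.100.11 port 50340 ssh2
2025-01-01T10:00:00.700000+00:00 bastion sshd[4103]: Accepted publickey for deploy from 198.51.100.12 port 50981 ssh2
2025-01-01T10:00:01.000000+00:00 bastion sshd[4104]: Accepted publickey for deploy from 198.51.100.13 port 51200 ssh2
2025-01-01T10:00:01.300000+00:00 bastion sshd[4105]: Accepted publickey for deploy from 198.51.100.14 port 51777 ssh2
2025-01-01T10:00:01.600000+00:00 bastion sshd[4106]: Accepted publickey for deploy from 198.51.100.15 port 52011 ssh2
2025-01-01T10:00:01.900000+00:00 bastion sshd[4107]: Failed password for root from 192.0.2.77 port 41000 ssh2
2025-01-01T10:07:30.000000+00:00 bastion sshd[4201]: Accepted publickey for alice from 203.0.113.5 port 40990 ssh2
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Accepted \S+ for (?P<user>\S+) "
                     r"from (?P<ip>\S+) port \d+")

def parse(log):
    """Return sorted (timestamp, user, source_ip) tuples for accepted logins only."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["user"], m["ip"]))
    return sorted(events)

def find_bursts(events, max_gap=timedelta(seconds=1), min_ips=6):
    """Chain logins whose gap to the previous one is under max_gap and
    return the chains that involve at least min_ips distinct source IPs."""
    bursts, run = [], []
    for ev in events + [None]:          # None flushes the final chain
        if run and (ev is None or ev[0] - run[-1][0] >= max_gap):
            if len({ip for _, _, ip in run}) >= min_ips:
                bursts.append(run)
            run = []
        if ev is not None:
            run.append(ev)
    return bursts

if __name__ == "__main__":
    for burst in find_bursts(parse(SAMPLE_LOG)):
        ips = sorted({ip for _, _, ip in burst})
        print(f"{burst[0][0].isoformat()} {len(burst)} logins from {len(ips)} IPs: {', '.join(ips)}")
```

The thresholds are the figures from the quote; both are parameters so they can be tuned against the login pattern of any automation that legitimately uses the bastion.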
Sysdig said the case shows a shift in which hackers are not being replaced by AI, but are replacing scripts with AI. Clarke said, "Attack complexity is not increasing; costs are dropping," and added, "As the speed and cost of building this level of intrusion attack fall, similar breaches will increase."