Do I believe there was someone from China that tried using Claude to do something malicious? Sure, from a pure statistical perspective it was inevitable.

Do I believe that someone was a part of some sophisticated state-backed APT? Not even a little bit.

In fact I'll go as far as to state that there's nobody technical inside Anthropic that believes it. The entire "technical sophistication" section of that report is half a page long and the only thing it says is that "someone used some MCP servers to point some open source tools at a target". Yet Anthropic's marketing team still had the balls to attribute that to a state-sponsored group within that same report and media ate it up.