TLDR
- Google’s Threat Intelligence Group confirmed the first known case of hackers using AI to find and weaponize a zero-day vulnerability.
- The attack targeted a widely used open-source system administration tool and was blocked before mass exploitation.
- AI was used to bypass two-factor authentication by finding a hidden flaw in the software’s login logic.
- State-linked groups from North Korea and China are also testing AI in cyberattack workflows.
- Google’s chief analyst warned: “The AI vulnerability race isn’t imminent β it’s already begun.”
Alphabet’s (GOOGL) Google published a report Monday from its Threat Intelligence Group revealing what it believes to be the first confirmed case of cybercriminals using artificial intelligence to discover a zero-day vulnerability β and then build an exploit for it.
Live price: $388.64 (-3.01%)
Google just dropped a bombshell. A threat actor used an AI-developed zero-day exploit for the first time. Yeah, AI isnβt just making art anymore. It's getting into the hacking game. This could shake up cybersecurity approaches.
Meanwhile,β¦ pic.twitter.com/maWOdDxAWv
— AliceMia (@Alice_MiaX) May 12, 2026
The attack targeted a widely used open-source system administration tool. Google said it was blocked before it could be used in a mass exploitation event. The company has since disclosed the flaw to the vendor.
GOOGL closed Monday at around $166, up modestly on the session, as the report drew attention to Google’s growing role in tracking AI-enabled threats.
The vulnerability involved a hidden trust assumption in the software’s login logic. Hackers used AI to spot it β something conventional security tools had missed β and then used it to bypass two-factor authentication protections.
Google identified the attack as AI-generated based on specific code characteristics: overly explanatory comments, a fabricated severity rating for the bug, and coding patterns typical of AI-written Python scripts.
The criminal groups behind the attack were not named in the report. Google said multiple “prominent cybercrime threat actors” worked together to identify and weaponize the flaw.
What the Threat Intelligence Group Found
John Hultquist, chief analyst at Google’s Threat Intelligence Group, said the findings are likely “the tip of the iceberg.” He added that for every AI-linked zero-day Google can trace, there are “probably many more out there.”
The report also documented North Korean military hacking group APT45 using AI to test and validate thousands of exploits targeting known software flaws.
Chinese state-linked actors were also flagged as experimenting with AI in attack workflows, though techniques remain at early stages.
Google uncovered a separate piece of malware, dubbed PromptSpy, which uses Google’s own Gemini model to autonomously navigate Android devices β interpreting on-screen activity and issuing commands in real time with limited human input.
State-Backed Hackers Getting in on AI
The shift described in the report isn’t just criminals working faster. It’s about AI becoming an active component in cyberattacks β analyzing targets, writing code, and making decisions without a person in the loop.
That’s a different threat model than what most organizations have planned for.
Financial regulators in Europe have already flagged similar concerns, warning that rapidly evolving AI is increasing the speed and scale of cyber risks β particularly during a period of heightened geopolitical tension.
The report notes that Russia and North Korea-linked groups are also integrating AI into attack pipelines, though Google said all of these efforts are still relatively early in development.
Hultquist’s summary was direct: “There’s a misconception that the AI vulnerability race is imminent. The reality is that it’s already begun.”
Google said it has disclosed the zero-day flaw to the affected vendor after blocking the attempt.
π¨ Our MAY Stock Picks Are Live!
A new month means new opportunities. Our analysts have just released their top stock picks for May, highlighting companies with strong momentum that rank highly on our KO Score algorithm. Weβre also now sharing trade ideas for both long-term and short-term investors, giving you more ways to spot potential opportunities in the market.
Sign up to Knockout Stocks today and get 50% off to unlock the full list and see which stocks made the cut.
Use coupon code Special50 for your exclusive discount!
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
