Google says it has uncovered what may be the first known case of hackers using artificial intelligence (AI) to help develop a “zero-day” cyberattack exploit, marking a major escalation in global cybersecurity threats.
In a report published by its Threat Intelligence Group (GTIG), Google said a criminal hacking group attempted to use an AI-developed exploit targeting a previously unknown software vulnerability in a popular open-source web administration tool.
The exploit was reportedly designed to bypass two-factor authentication (2FA), potentially allowing attackers to gain unauthorized access to systems. Google said the attack was stopped before it could be launched on a large scale.
According to Google, investigators found several indicators suggesting AI assistance had been used during the exploit’s development, including unusual code formatting, explanatory comments, and even a “hallucinated” vulnerability severity score commonly associated with AI-generated output.
Google said it had “high confidence” that an AI model helped discover and weaponize the software flaw, though the company added there was no evidence its own Gemini AI system was involved.
Cybersecurity experts have long warned that AI could eventually help hackers identify software weaknesses faster and automate sophisticated cyberattacks. Google’s findings are now being viewed as one of the clearest real-world examples of those fears becoming reality.
The company also warned that state-linked cyber actors from countries including China, Russia, and North Korea are increasingly exploring AI-powered hacking tools and automated attack systems. (Newswire)
The post Google says criminal hackers used A.I. to find a major software flaw appeared first on Newswire.