Share

    • Google Reports Thwarting Zero-Day Exploit Developed With AI Assistance

    By Any May 18, 2026
    Google's threat intelligence group announced it has identified and stopped the first known instance of a zero-day exploit that was developed using AI. The exploit, which was thwarted, reportedly contained AI-generated elements and was designed to bypass two-factor authentication, marking a new phase in AI-assisted cybercrime.
    Google Reports Thwarting Zero-Day Exploit Developed With AI Assistance

    Google Reports Thwarting Zero-Day Exploit Developed With AI Assistance Google says it has disrupted an attempted zero-day cyberattack whose exploit code was partly written by artificial intelligence, underscoring how quickly AI is moving from hypothetical threat to operational tool in hacking.

    Early warnings and discovery

    For years, security researchers have cautioned that AI could help attackers find and weaponize software flaws more efficiently. By early May 2026, those warnings appeared to materialize when Google’s Threat Intelligence Group (GTIG) reported it had blocked “a zero-day hack that it says was developed with AI.”

    According to GTIG, several “prominent cyber crime threat actors” collaborated to identify a bug in a Python script used by a popular open-source, web-based system administration tool, aiming to bypass its two-factor authentication (2FA) protections. Google assessed that AI had been used both to discover and to weaponize the previously unknown vulnerability.

    How the AI-assisted exploit worked

    Researchers say the exploit targeted “a high-level semantic logic flaw where the developer hardcoded a trust assumption” in the platform’s 2FA system. The Python script bore hallmarks of AI generation, including “overly explanatory comments,” a “hallucinated CVSS score,” and “structured, textbook” formatting consistent with large language model output. Axios similarly notes that Google’s assessment relied on “characteristics common in AI-generated code,” from made-up severity ratings to patterns typical of AI-written Python.

    Google says it disrupted the attempted mass exploitation, disclosed the flaw to the vendor, and believes this is “the first time” it has found evidence of AI directly involved in such an attack, while adding it does not think its own Gemini model was used.

    Broader implications and mounting concerns

    GTIG warns that advanced AI models are becoming adept at spotting subtle weaknesses “that conventional cybersecurity tools often fail to catch,” including hidden trust assumptions in login logic. Internally, Google observes attackers using persona-driven jailbreaking and tools like OpenClaw to refine AI-generated payloads and to target AI systems’ own integrated components and data connectors.

    “The reality is that [the AI vulnerability race has] already begun,” said John Hultquist, GTIG’s chief analyst, adding, “For every zero-day we can trace back to AI, there are probably many more out there.”

    [1] The Verge — “Google stopped a zero-day hack that it says was developed with AI”
    https://www.theverge.com/tech/928007/google-ai-zero-day-exploit-stopped

    [2] Axios — “AI-assisted hacking is already here, Google warns”
    https://www.axios.com/2026/05/12/ai-hacking-found-google-report

    Continue reading https://foxvector.com

    Write a comment