Google announces its first-ever discovery of a zero-day exploit made with AI

Source: Engadget

Michael Vi/Shutterstock

Discovery of AI-Generated Zero-Day Exploit

Google’s Threat Intelligence Group (GTIG) announced that it had discovered, for the first time, a threat actor using a zero‑day exploit that appears to have been developed with artificial intelligence. Zero‑day vulnerabilities are especially dangerous because they are unknown to the target, leaving no time to prepare a defense.

The GTIG report said the actor was planning a “mass exploitation event,” but Google’s proactive discovery may have prevented it. While Google does not believe its own Gemini models were used, it has “high confidence” that an AI model was involved in both discovering the vulnerability and weaponizing the exploit.

Details of the Threat

The report did not identify the targeted company, only noting that Google notified the unnamed organization, which then patched the issue. The bad actors were not named, though the report hinted that groups linked to China and North Korea have shown “significant interest” in using AI for exploiting security vulnerabilities.

In an interview with The New York Times, John Hultquist, chief analyst at GTIG, described the incident as “a taste of what’s to come” and “the tip of the iceberg,” calling it the first “tangible evidence” of AI‑driven attacks. Google’s report also noted that threat actors have been employing AI at various stages of cyber‑attacks, while emphasizing that “AI can also be a powerful tool for defenders.”

Industry Response

Other companies are similarly leveraging AI for defensive purposes. Last month, Anthropic announced Project Glasswing, an initiative that uses Claude Mythos Preview to identify and protect against “high‑severity vulnerabilities.”