Google: First discovery of hackers using AI to develop "zero-day" exploit tools

Google: First discovery of hackers using AI to develop "zero-day" exploit tools

```

Google security researchers have discovered that a cybercriminal group has used artificial intelligence to generate a hacking tool, successfully identifying an unknown vulnerability in a widely-used system management software, and attempting to weaponize it.

This is the first time Google has detected an attack using AI to generate a "zero-day vulnerability," signaling that AI-driven cyberattacks have evolved from theoretical threats to reality. A zero-day vulnerability refers to a flaw unknown to developers, giving defenders no time to fix it before it is exploited.

According to a report released by Google on Monday, the vulnerability could be used to bypass multi-factor authentication and infiltrate the internal networks of affected organizations. Before hackers could deploy the attack, Google alerted the developer of the affected software, who promptly patched the vulnerability. As a result, the attack was foiled.

Google stated they are "highly confident" that AI was involved in both the discovery and weaponization of the vulnerability. Although the attack was intercepted in time, Google researchers pointed out that such threats are now real and not hypothetical, posing a direct challenge to corporate cybersecurity defense systems.

Google does not disclose more details, but excludes Mythos and Gemini involvement

Google's report did not reveal the name of the cybercriminal group, the affected software, or the large language model used by the hackers.

A Google spokesperson said researchers believe the vulnerability was not generated by Anthropic PBC's Mythos model or Google's own Gemini model. Google also did not specify the exact time the vulnerability was discovered, only stating it was "recent."

The attack targeted a web-based system management tool widely used by enterprises.

Such tools are used for remote configuration and management of servers, websites, and applications, covering critical functions like security settings, employee account management, and system data access permissions. If compromised by attackers, they pose a severe threat to corporate information security.

AI security issues continue to ferment

The disclosure of this incident comes in the context of heightened sensitivity around AI safety issues.

Anthropic announced in April this year that it would not broadly release its new Mythos model to the public—the reason being that the model can autonomously identify and exploit software vulnerabilities, which the company considers a security risk.

The capabilities of Mythos have attracted widespread attention. The White House has already taken steps to address the potential malicious use of large language models, and government officials have held emergency meetings with leaders in the tech and industry sectors.

Google researchers say the case they uncovered further proves that such concerns are not unwarranted—attackers are turning AI capabilities into real cyber weapons, and defenders must remain highly vigilant against this new threat.

Risk Warning and DisclaimerThe market involves risk, and investment requires caution. This article does not constitute personal investment advice and does not take into account the specific investment goals, financial situation, or needs of individual users. Users should consider whether any opinions, viewpoints, or conclusions in this article are suitable for their specific circumstances. Investments made based on this article are at your own risk. ```