Criminals have already used AI to create a zero-day exploit

Luckily patched before mass deployment

Researchers at Google say they have uncovered the first known case of hackers using AI to develop a zero-day cyber exploit.

The finding, revealed by the company's Threat Intelligence Group (GTIG), involved malicious code designed to exploit an undisclosed vulnerability in a Python authentication script, allowing attackers to bypass two-factor authentication.

Zero-day exploits are among the most dangerous tools in cybersecurity because they target flaws unknown to software developers, leaving organisations with "zero days" to prepare defences before attacks begin.

"For the first time, GTIG has identified a threat actor using a zero-day exploit that we believe was developed with AI," Google researchers said in a report released on Monday.

According to the report, the exploit was discovered and patched before it could be deployed on a large scale.

"The criminal threat actor planned to use it in a mass exploitation event, but our proactive counter discovery may have prevented its use," the researchers wrote.

Investigators determined AI had likely been used in the exploit after analysing unusual patterns within the malicious code.

Among the clues were fragments of text commonly found in large language model (LLM) training datasets and a fabricated Common Vulnerability Scoring System (CVSS) rating, an apparent hallucination similar to those sometimes produced by generative AI systems.

Such hallucinations occur when AI models generate plausible but false information.

Similar incidents have previously caused embarrassment for legal professionals after AI chatbots cited non-existent court cases in official filings.

Google said it did not believe its own Gemini AI platform had been used to generate the exploit. However, researchers concluded with "high confidence" that some form of AI assistance was involved in identifying and weaponising the vulnerability.

The report also warned that hacking groups linked to China and North Korea had shown "significant interest" in using AI systems to discover software flaws.

Rise in AI-assisted cyberattacks

The discovery comes amid a sharp rise in AI-assisted cyberattacks worldwide.

Cyber criminals are increasingly turning to automated tools capable of scanning systems, writing malicious code and generating convincing phishing campaigns.

A recent industry report found AI-driven bot attacks increased from roughly 2 million incidents globally last year to more than 25 million so far in 2026.

At the same time, major AI developers including Anthropic and OpenAI have been racing to build defensive systems capable of identifying vulnerabilities faster than human researchers.

Anthropic recently unveiled its cybersecurity model, Mythos, which can automatically uncover weaknesses in major operating systems and web browsers.

Access to the tool has been restricted to a small number of technology firms and financial institutions, but it has already been exploited by unauthorised users.

The rapid evolution of AI capabilities is lowering the barrier for large-scale cyber intrusions.

Earlier this year, researchers at Amazon said a Russian-speaking threat actor used generative AI tools to help compromise more than 600 FortiGate firewalls across 55 countries in a five-week campaign.

That operation relied largely on exposed management systems and weak passwords rather than sophisticated zero-day exploits.

In February, Google said state-backed hacking groups from China, Iran, North Korea and Russia were using its Gemini AI system to assist with nearly every stage of cyber operations.

GTIG researchers said they had observed advanced hacking groups using AI tools for reconnaissance, phishing campaigns, malware development, vulnerability testing and post-breach data theft.