The article reports that Google has identified, for the first time, a zero-day exploit believed to have been developed using artificial intelligence. According to Google, the exploit was designed to bypass two-factor authentication on an open-source, web-based system administration tool and was implemented in a Python script. The targeted tool and the hacker group have not been named, but Google said it worked with the impacted vendor to prevent mass exploitation, which appeared to be the threat actor’s plan.
Google noted that the exploit’s structure, educational docstrings, and a hallucinated CVSS score suggested AI involvement in discovery and weaponisation.
It also cites observations that Chinese and North Korean state-sponsored actors have shown particular interest in AI for vulnerability discovery: a China-linked actor deployed Strix and Hexstrike in attacks targeting a Japanese tech firm and a major East Asian cybersecurity company, and a North Korea-linked group tracked as APT45 reportedly sent thousands of prompts to analyse CVEs and validate PoC exploits.