GOOGLE says AI is accelerating cyberattacks and zero-day exploits, with attackers already using AI to improve vulnerability exploitation, generate exploit code, and automate attack chains across cloud environments. The report, according to Google Cloud Threat Intelligence team, shows a shift in attacker behaviour toward targeting software flaws and cloud services rather than solely stealing credentials or phishing.
It notes that AI-enabled malware can autonomously interpret system states and dynamically generate commands, signaling a move to autonomous attack orchestration. The findings also reveal that threat actors are exploiting newly disclosed vulnerabilities much faster, sometimes within hours or days of technical details being published, and that AI is used to accelerate reconnaissance, vulnerability scanning, and data exfiltration.
The first known AI-developed zero-day exploit tied to a planned mass attack was identified, with PRC- and DPRK-linked actors reportedly showing interest in leveraging AI for vulnerability discovery. The report emphasises that AI does not replace traditional techniques and urges organisations to strengthen vulnerability management, secure APIs and AI integrations, and tighten third-party relationships. May 11, 2026.