Shocking Google Discovery: AI Used to Create a Zero-Day Exploit for the First Time

A recent report prepared by the Google Threat Intelligence Group (GTIG) has confirmed the fears that had long circulated among cybersecurity analysts.

Groups of highly skilled hackers have begun to exploit AI tools to develop and launch zero-day exploits.

This discovery highlights how emerging technologies can become formidable weapons if exploited by malicious actors seeking software vulnerabilities still unknown to software vendors.

Google discovers a zero-day flaw created with AI

The technical document details the identification of malicious code explicitly designed to trigger a large-scale offensive. Specifically, the criminal software exploited a hidden flaw in a Python script to bypass two-factor authentication systems, an essential security measure for protecting private accounts.

Fortunately, security teams managed to isolate and fix the problem before the threat could spread and massively compromise users.

Algorithm fingerprints

Experts have concluded that artificial intelligence played a primary role by carefully analyzing the architecture of the code itself. During the investigations, researchers isolated specific text strings that commonly appear in datasets used to train large language models (LLMs).

Additionally, the analyzed software exhibited a completely invented CVSS score. This is a clear sign of algorithmic “hallucination,” a phenomenon entirely comparable to what recently occurred in the legal field, when some automated systems cited nonexistent cases and rulings.

Although checks rule out direct involvement of the Google Gemini model, the report notes that cybercriminals fragment their activities using various accounts on multiple different platforms, precisely to evade security checks.

Beyond the sheer discovery of new vulnerabilities, these technologies raise concerns about their ability to drastically shorten malware development times. Sabotage operations that in the past required months of meticulous work and extensive testing can now be packaged and executed within tiny time windows.

Additionally, the use of artificial intelligence to orchestrate increasingly sophisticated scams. A recent emblematic case involved the creation of fake customer-support operators, artificially generated voices to deceive victims and steal Gmail login credentials with an impressively high degree of realism.

The response of tech companies

Despite these evident issues, the same technologies also serve as a valuable shield for the software industry.

Many companies already employ advanced automated systems to proactively scan their own code, identifying and neutralizing weak points before public release.

As an example, Mozilla recently stated that it had identified and fixed as many as 423 security bugs in a single month thanks to these tools, demonstrating how modern cybersecurity defense is turning into a rapid competition between algorithms.