Technology · May 12, 2026 · 2 min read

Google Blocks a Zero-Day Attack Developed with AI Assistance: This is the First Documented Case

Artificial intelligence continues to expand its reach into the cybersecurity sector, but not just from a defensive standpoint.

Google has stated that it has identified and neutralized what it believes to be the first zero-day exploit developed with the direct support of AI tools. The discovery comes from an investigation by the Google Threat Intelligence Group (GTIG), which identified a group of cybercriminals intending to use the vulnerability in a potential mass attack. The attack would have allowed them to bypass the two-factor authentication mechanisms of an unspecified open-source web administration tool.

According to the report published by Google, analysts found several clues suggesting the use of generative models during the development of the exploit. These included "hallucinations," such as a non-existent CVSS score embedded in the Python script used for the attack, alongside a code and documentation structure considered consistent with the typical output of large language models (LLMs).

The vulnerability stemmed from a high-level logic error in the authentication system: the software, as explained by GTIG, included a hardcoded "trust assumption" that allowed manipulation of the 2FA verification flow. Google notified the affected company, which subsequently distributed a corrective patch before the exploit could be employed on a large scale.

Google emphasizes that it does not believe Gemini models were used in the operation, but states it has a "high level of confidence" that an AI system contributed both to identifying the vulnerability and to creating the functioning exploit. Google also cites the use of OpenClaw, an open-source framework observed in activities related to refining AI-generated payloads in controlled environments, likely with the goal of enhancing their reliability and stability before actual deployment.

The document also mentions groups linked to China and North Korea as particularly interested in using artificial intelligence for offensive activities in cyberspace, although Google has not formally attributed this specific case to any state actor or specific group.

John Hultquist, chief analyst at GTIG, described the episode as "a taste of what's coming" and "only the tip of the iceberg," emphasizing that this represents the first concrete and documented example of AI directly used in the development of a zero-day exploit.

At the same time, companies in the sector are also accelerating their defensive efforts. Google highlights how artificial intelligence can become an effective tool for identifying vulnerabilities before they can be exploited and for preventing attacks. This direction is also shared by Anthropic, which recently announced Project Glasswing, an initiative based on Claude Mythos Preview dedicated to the proactive identification of critical vulnerabilities.