Google reports that a cybercrime group used AI to discover a zero-day vulnerability that allowed two-factor authentication to be bypassed.

Recent advancements in AI have made it possible to discover software vulnerabilities that previously went unnoticed, posing a cybersecurity threat. Google Threat Intelligence Group (GTIG) has now reported that a prominent cybercrime threat actor was using AI to discover
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access | Google Cloud Blog
https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access/
Google says it disrupted an AI-driven effort to exploit a software bug | AP News
https://apnews.com/article/google-ai-cybersecurity-exploitation-mythos-926aea7f7dc5e0e61adce3273c55c6d4
Google thwarts effort hacker group use AI 'mass exploitation event'
https://www.cnbc.com/2026/05/11/google-thwarts-effort-hacker-group-use-ai-mass-exploitation-event.html
In a report published on May 12, GTIG stated that cybercriminals are using AI to exploit vulnerabilities, expand cyberattacks, and discover undisclosed zero-day vulnerabilities. GTIG points out that while AI enhances cybersecurity research, it also makes it easier for attackers to reverse engineer applications and develop sophisticated AI-generated exploits.
According to GTIG, a 'prominent cybercrime threat actor' had already used AI to find a zero-day vulnerability in widely used open-source software. This software is a web-based system administration tool, and it was possible to bypass two-factor authentication by exploiting a vulnerability in a Python script.
GTIG reports that it has already worked with affected vendors to responsibly disclose the vulnerability and prevent cyberattacks. GTIG stated, 'While we do not believe Gemini was used, the structure and nature of these exploits strongly suggest that the attackers likely utilized AI models to help discover and exploit this vulnerability.'
While the threat actors who used AI to find the zero-day vulnerabilities have not been publicly identified, there was no evidence to suggest any ties to governments hostile to the United States. On the other hand, GTIG also reported that hacker groups, particularly those linked to China and North Korea, have shown a high level of interest in AI-based vulnerability analysis.

AI can analyze software code at speeds impossible for humans, quickly discovering exploitable vulnerabilities. Hackers can use AI to find zero-day vulnerabilities that developers haven't addressed, allowing them to steal data or deploy ransomware and demand ransom.
John Hultquist, chief analyst at GTIG, pointed out that the findings demonstrate how malicious hackers are leveraging AI to dramatically increase their ability to infiltrate computers worldwide. 'It's already begun. The era of AI vulnerabilities and exploits has already arrived,' he said.
In April 2026, Anthropic announced 'Claude Mythos Preview,' an AI model with advanced vulnerability detection capabilities. Following this, governments and companies around the world have begun to express concerns about the risks of AI-driven vulnerability detection, and it is said that open-source projects, which operate with limited resources, may not be able to keep up with the speed of AI-driven vulnerability detection.
The speed at which vulnerabilities in 'Claude Mythos Preview' and 'GPT-5.4-Cyber' are discovered may make it difficult for OSS maintainers to keep up, potentially increasing risks - GIGAZINE

On the other hand, companies can also use AI to discover vulnerabilities; Mozilla has reported discovering 271 vulnerabilities in Firefox using Claude Mythos Preview.
Mozilla explains the system that discovered 271 vulnerabilities in Firefox using Claude Mythos Preview - GIGAZINE
