Google spotted an AI-developed zero-day before attackers could use it

Google's Threat Intelligence Group discovered an AI-assisted zero-day exploit targeting a Python-based component of a popular open-source web administration tool that bypassed two-factor authentication. The vendor was notified and a patch released before a prominent cybercrime group could carry out a planned mass-exploitation campaign; GTIG observed artifacts in the exploit code indicating substantial AI involvement, marking a concerning escalation in attacker capability.