The First AI-Crafted Zero-Day Was Easy to Spot. The Next One May Not Be

ID: 3ddbeb40-be82-5917-b5d1-91b6731e38be

STIX ID: report--3ddbeb40-be82-5917-b5d1-91b6731e38be

Feed Name: TechRepublic Security

Threat Score: 88/100

Date Published: 2026-05-14

Date Updated: 2026-05-15

Author: Tim Freestone

GTIG reported the first publicly confirmed AI-assisted zero-day, a Python-based 2FA bypass in an open-source admin tool. Separate incidents show supply-chain compromise of the LiteLLM AI gateway, which embedded credential stealers used to exfiltrate AWS and GitHub tokens that funded ransomware. APTs and criminal groups are using LLMs, agentic frameworks, and proxy APIs to automate discovery, weaponization, and obfuscation at scale. This has prompted recommendations to treat AI-assisted exploitation as an immediate threat and to invest in data-layer governance, containment, and credential hygiene.