Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google Threat Intelligence Group reports the first observed instances of AI being used to create zero-day exploits and autonomous malware, describing an Android backdoor (PROMPTSPY), supply-chain code injections into developer tools (LiteLLM, Checkmarx) by TeamPCP/UNC6780, credential theft via the SANDCLOCK stealer, and AI-driven reconnaissance and agentic attack workflows used by PRC- and DPRK-linked actors; researchers also identified machine-generated coding artifacts and AI-enabled deepfake information operations.