Hackers Observed Using AI to Develop Zero-Day for the First Time

Google Threat Intelligence Group reported the first observed case of threat actors using AI to identify and weaponize a zero-day that bypassed two-factor authentication in a widely used open-source system administration tool; the vendor and Google patched the issue and disrupted the campaign before the exploit was deployed. The report warns that both nation-state and criminal groups are increasingly using LLMs for vulnerability discovery, malware development, obfuscation, and operational support, accelerating the speed and sophistication of attacks.