Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI.

Google researchers have discovered the first evidence of hackers using AI to develop zero-day exploits, autonomous Android backdoors, and automated supply chain attacks against GitHub and PyPI.

Hackers have long used AI models to create phishing pages and identify security vulnerabilities. But according to a new report released today by Google Threat Intelligence Group (GTIG), attackers are now also using artificial intelligence to develop zero-day exploits.

Identifying AI Clues in Malware

GTIG researchers identified an attack scenario where attackers dodged 2FA using a Python script on a web-based administration tool, and were surprised to find that this was a zero-day exploit. While it was suspected that Claude Mythos was used, the team says this is unlikely.

“For the first time, GTIG has identified a threat actor using a zero-day ...