
Google Researchers Uncover AI-Developed Zero-Day Exploit

Researcher working in clean-room setting with laptop displaying code editor.

"We finally uncovered some evidence this is happening," John Hultquist, chief analyst at Google Threat Intelligence Group (GTIG), told CyberScoop.

Google Threat Intelligence Group's discovery

Google researchers say they found a zero-day exploit that was developed with meaningful involvement from artificial intelligence and alerted the affected vendor before a planned, large-scale attack could unfold. The company declined to name the specific vulnerability or the “popular open-source, web-based administration tool” it affected, but said the defect impacted a Python script that lets attackers bypass two-factor authentication for the service. The vulnerability has been patched, according to Google's report released Monday.

Technical fingerprints: AI artifacts in the exploit code

GTIG described code artifacts that convinced analysts an AI model played a substantial role in the exploit's creation. Those artifacts included Python documentation strings, unusually heavy annotation of the code, and a hallucinated CVSS score, one that does not exist, embedded in the exploit. Google said these elements were inconsistent with how human developers typically document or annotate exploit code, and that pattern tipped investigators off to "the fact AI was heavily involved," Hultquist said.

What GTIG did — and did not disclose

Google declined to disclose how its researchers discovered the zero‑day or to name the cybercrime group that had been preparing to use it. The company did, however, say the threat group has a “strong record of high-profile incidents and mass exploitation,” language Hultquist used to characterize the attackers as prominent within the cybersecurity community. GTIG said it is fairly confident the threat group used AI “in a meaningful way throughout the entire process,” while stopping short of saying whether AI had originally discovered the vulnerability that later became the exploit.

Model provenance and prior findings

Google said the AI model the attackers used left distinctive signals in the code and that its investigators are confident the model was not Google's Gemini nor Anthropic's Mythos. The company also noted that GTIG has been anticipating AI-facilitated exploits since its Big Sleep AI agent discovered a zero-day in late 2024. "I think the watershed moment was two years ago when we proved this was possible," Hultquist said, describing last year's findings as an inflection point for the group's expectations about AI-enabled vulnerability development.

How technologists, policymakers, and affected enterprises are likely to respond

  • Technologists and security teams will watch for the same code-level signals GTIG cites — anomalous documentation strings, highly annotated code, and hallucinated reference data (for example, a non-existent CVSS score) — as potential indicators that an exploit was produced or assisted by AI.
  • Policymakers and regulators may take note that GTIG can rule out specific major commercial models (it said the exploit was not produced by Gemini or Mythos), a detail that frames attribution and risk assessments around model provenance rather than only capabilities.
  • Affected enterprises and open-source maintainers will face pressure to patch promptly: Google reported it alerted the vendor and the vulnerability was patched before the planned mass-exploitation campaign began. The episode underscores the operational value of rapid disclosure and remediation when a credible, imminent threat is detected.
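As an added illustration of the code-level signals listed in the first bullet, the script below (my own example, not GTIG's tooling) measures three things in a Python source file: docstring use, comment density, and quoted CVSS scores that fall outside the real 0.0 to 10.0 scale. The threshold, the regular expression and the constructed sample are assumptions for demonstration; treat the output as a triage hint, not attribution.

```python
import ast
import io
import re
import tokenize

# Optional CVSS version, optional label text, then the quoted base score.
CVSS_RE = re.compile(
    r"\bCVSS\s*(?:v?[234](?:\.\d)?[\s:/]+)?[^\d\n]{0,20}(\d{1,2}(?:\.\d)?)\b", re.I)
NOISE = {tokenize.NL, tokenize.NEWLINE, tokenize.INDENT, tokenize.DEDENT,
         tokenize.COMMENT, tokenize.ENDMARKER}

def docstring_count(source):
    """Number of module/class/function bodies that open with a docstring."""
    tree = ast.parse(source)
    defs = [tree] + [n for n in ast.walk(tree) if isinstance(
        n, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef))]
    return sum(1 for n in defs if ast.get_docstring(n) is not None)

def comment_density(source):
    """Share of non-blank lines that carry a '#' comment."""
    toks = list(tokenize.generate_tokens(io.StringIO(source).readline))
    commented = {t.start[0] for t in toks if t.type == tokenize.COMMENT}
    coded = {t.start[0] for t in toks if t.type not in NOISE}
    return len(commented) / max(len(commented | coded), 1)

def implausible_cvss(source):
    """CVSS scores quoted in the file that fall outside the real 0.0-10.0 scale."""
    return [float(s) for s in CVSS_RE.findall(source) if not 0.0 <= float(s) <= 10.0]

def triage(source, density_threshold=0.5):
    """Return the measured signals plus the list of triggered flags (threshold is assumed)."""
    report = {"docstrings": docstring_count(source),
              "comment_density": round(comment_density(source), 2),
              "implausible_cvss": implausible_cvss(source), "flags": []}
    if report["docstrings"]:
        report["flags"].append("docstrings")
    if report["comment_density"] >= density_threshold:
        report["flags"].append("heavy_annotation")
    if report["implausible_cvss"]:
        report["flags"].append("bogus_cvss")
    return report

# Constructed, harmless sample that exhibits all three signals.
SAMPLE = '''\
"""Constructed sample module. Reported CVSS score: 11.2 (critical)."""
# Step 1: define the helper
def add(a, b):  # entry point
    """Return the sum of a and b."""
    return a + b  # result
'''
```

Running `triage(SAMPLE)` flags all three signals; a plain one-line module with no comments returns an empty flag list.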

GTIG framed the discovery not as an isolated fluke but as a warning. "This is probably the tip of the iceberg and it's certainly not going to be the last," Hultquist said. He added that the group expects the trajectory of capability to be "pretty sharp," and that there will be "more devastating zero-day attacks done over this, especially as capabilities grow." The concrete elements GTIG released — the bypassing of two-factor authentication via a Python script, the AI-style annotations and the fabricated CVSS score, and the firm conclusion that the model used was not Gemini or Mythos — make this episode a specific data point in a rapidly evolving risk picture: an AI-assisted exploit was detected and neutralized before a mass campaign, and GTIG believes more such incidents are already in play.

For now, the immediate threat has been interrupted, the vendor has issued a patch, and Google has signaled both the existence and the shape of a new operational problem: attackers are using AI in ways that leave identifiable traces, and defenders are already learning to read them.

Read the original CyberScoop report