Google has announced that it intercepted a zero-day exploit it believes was built with help from an AI model. Google’s Threat Intelligence Group reported the development on Sunday.
In its statement, Google said a criminal hacking group wrote the exploit as a Python script to bypass two-factor authentication (2FA) in an open-source web admin tool. The company worked with the vendor to stop mass exploitation before it started. Google did not attribute the exploit to its own Gemini model; instead, analysts pointed to structural patterns in the code that strongly suggest AI involvement.
Google links zero-day exploit to AI through its code
In its report, Google noted that, based on the structure and content of these exploits, it has high confidence the actor likely used an AI model to support the discovery and weaponization of the vulnerability. The Python script had unusually detailed educational docstrings, a hallucinated CVSS severity score, and formatting typical of large language model output, including structured help menus and a clean color class written in textbook style.
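The indicators above (dense educational docstrings, a CVSS score string, a textbook-style ANSI color class, structured argparse help) can be turned into a coarse triage heuristic for analysts who want to flag samples for closer review. The script below is an added, illustrative example, not Google's method and not code from the report: the `triage` function, its thresholds and the constructed samples are assumptions, and a high score is a prompt for human review, not evidence of AI authorship on its own. The constructed sample contains no exploit logic, only the stylistic markers.

```python
"""Heuristic triage for LLM-style authorship markers in a Python source file.

Added example (not Google's tooling). Thresholds and indicator choices are
assumptions made for illustration; treat the score as a review prompt only.
"""
import ast
import re

# Matches "CVSS: 9.8" or "CVSS v3.1 Base Score: 9.8" style strings (constructed pattern).
CVSS_RE = re.compile(
    r"\bCVSS\b[^\n]{0,40}?(?:score|:)\s*(10(?:\.0)?|\d\.\d)\b", re.IGNORECASE
)


def _defs(tree):
    """All function and class definitions in the parsed module."""
    return [n for n in ast.walk(tree)
            if isinstance(n, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef))]


def docstring_ratio(tree):
    """Fraction of functions/classes that carry a docstring (0.0 if none defined)."""
    defs = _defs(tree)
    if not defs:
        return 0.0
    return sum(1 for n in defs if ast.get_docstring(n)) / len(defs)


def cvss_scores(source):
    """Numeric CVSS scores mentioned anywhere in the source text."""
    return [float(m.group(1)) for m in CVSS_RE.finditer(source)]


def has_ansi_color_class(tree):
    """True if some class holds two or more string constants with ANSI escape sequences."""
    for node in ast.walk(tree):
        if not isinstance(node, ast.ClassDef):
            continue
        consts = [s.value.value for s in node.body
                  if isinstance(s, ast.Assign)
                  and isinstance(s.value, ast.Constant)
                  and isinstance(s.value.value, str)]
        if sum("\x1b[" in c for c in consts) >= 2:
            return True
    return False


def argparse_help_count(tree):
    """Number of add_argument(...) calls that pass a help= keyword."""
    count = 0
    for node in ast.walk(tree):
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr == "add_argument"
                and any(k.arg == "help" for k in node.keywords)):
            count += 1
    return count


def triage(source):
    """Score a Python source string for the stylistic markers; higher = review first."""
    tree = ast.parse(source)
    findings = {
        "docstring_ratio": docstring_ratio(tree),
        "cvss_scores": cvss_scores(source),
        "ansi_color_class": has_ansi_color_class(tree),
        "argparse_help_args": argparse_help_count(tree),
    }
    score = 0  # assumed thresholds, one point per indicator
    if findings["docstring_ratio"] >= 0.9:
        score += 1
    if findings["cvss_scores"]:
        score += 1
    if findings["ansi_color_class"]:
        score += 1
    if findings["argparse_help_args"] >= 3:
        score += 1
    findings["llm_style_score"] = score
    return findings


# Constructed sample showing the markers the article describes (no exploit logic).
SAMPLE = r'''
"""
Demonstration script with textbook-style structure.
CVSS v3.1 Base Score: 9.8 (Critical)
"""
import argparse

class Colors:
    """Terminal colors for readable output."""
    RED = "\033[31m"
    GREEN = "\033[32m"
    RESET = "\033[0m"

def build_parser():
    """Build the command-line parser with descriptive help text."""
    parser = argparse.ArgumentParser(description="Demo")
    parser.add_argument("--target", help="Target host")
    parser.add_argument("--user", help="Username to test")
    parser.add_argument("--verbose", action="store_true", help="Verbose output")
    return parser

def main():
    """Entry point: parse arguments and report."""
    build_parser().parse_args()
'''

# Constructed contrast sample with none of the markers.
PLAIN = "def f(x):\n    return x + 1\n"

if __name__ == "__main__":
    print(triage(SAMPLE))
    print(triage(PLAIN))
```

Run over a directory of suspicious scripts, this sorts candidates for an analyst rather than deciding anything itself; ordinary well-documented tooling will also score high, which is why the score is a triage aid and not an attribution.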
Google hasn’t named the hacking group or the specific tool that was targeted. The report goes beyond the single zero-day case. China and North Korea-linked hackers have shown a strong interest in using AI to find and take advantage of software flaws, according to Google’s Threat Intelligence Group. A Chinese threat group known as UNC2814 attacks telecom and government targets. The group used a technique Google calls persona-driven jailbreaking.
The group instructed an AI model to behave as a senior security auditor, then directed it to analyze embedded device firmware from TP-Link and Odette File Transfer Protocol implementations for remote code execution vulnerabilities.
A different group with ties to China used tools called Strix and Hexstrike to attack a Japanese tech firm and a major East Asian cybersecurity company. North Korean group APT45 took a different approach: it sent thousands of repetitive prompts to recursively analyze known CVE entries and validate proof-of-concept exploits. Google said this method produced “a more robust arsenal of exploit capabilities that would be impractical to manage without AI assistance.”
Google said it uses its own AI tools defensively. The company referenced Big Sleep, an AI agent that identifies software vulnerabilities, and CodeMender, which uses Gemini’s reasoning to automatically patch flaws. Google also said it disables accounts caught misusing Gemini for malicious purposes.