Story Content

The first-ever AI-generated zero-day exploit was detected in real life by Google. Google is identifying the first real-life zero-day exploit created by an AI program.

In a dubious historical development, Google Threat Intelligence Group (GTIG) has discovered the first known case of an attack group employing AI to create a wicked zero-day attack.

The exploit, which was found in a Python script, aimed to defeat two-factor authentication (2FA) for a common web-based, open-source system administration software. But a big cybercrime group was waiting to attack in bulk, and Google warned the vendor in time, which led to a quick patch.

Successful evidence of AI participation was also observed, such as LLM-like educational docstrings, hallucinated CVSS scores, and LLM-like structured reasoning. The results are not Google-associated with its own Gemini, but they are the first confirmed malicious exploitation of AI for zero-day discovery and weaponization.

This case demonstrates the growing concern about using AI in cybersecurity, which can help identify vulnerabilities more quickly than traditional approaches. AI-powered cyber attacks are an indicator of what is to come, experts say. The complete GTIG report will be published May 11th, 2026.