WASHINGTON, May 12 — Google has revealed a major cybersecurity incident that experts describe as a turning point in the cyber threat landscape after hackers reportedly used artificial intelligence (AI) to help develop a “zero-day” exploit a software vulnerability previously unknown to security researchers.According to a report released by Google Threat Intelligence Group, the cybercriminal group used AI models to identify weaknesses in a widely used open-source system administration tool.
Google said the planned attack was successfully blocked before it could be deployed on a large scale but researchers warned that the discovery signals a new era where AI is becoming an active component in sophisticated cyberattacks. The company described the incident as the first documented case in which attackers used AI to discover a previously unknown vulnerability and attempt to weaponize it for broader exploitation.
Investigators found signs that AI had been involved in developing the exploit, including automatically generated code structures, explanatory comments and even fabricated security scoring data commonly associated with large language models (LLMs). John Hultquist, chief analyst at Google Threat Intelligence Group, said the findings are likely only the “tip of the iceberg” in terms of how both criminal organizations and state backed hackers are experimenting with AI-driven cyber operations.
The report also warned that hackers are increasingly automating parts of their operations using AI systems capable of scanning for vulnerabilities, generating malicious code, analyzing targets and making tactical decisions with minimal human intervention. Cybersecurity experts believe this marks the early stages of a broader shift toward semi-autonomous cyber warfare, where AI tools could dramatically reduce the time and technical expertise needed to launch advanced attacks.
The findings come amid growing concern among governments and regulators worldwide over the rapid advancement of powerful AI models. Officials fear these systems could make it easier for hackers to identify targets and exploit both known and newly discovered software vulnerabilities. Google’s report also noted that cybercriminal groups and state linked actors connected to China, Russia and North Korea are already experimenting with integrating AI directly into their attack workflows.
Security analysts say the emergence of AI-assisted hacking could trigger a global “AI arms race” in cybersecurity, with companies and governments racing to develop defensive AI systems capable of countering increasingly automated attacks.
