Google halts first known AI-assisted zero-day exploit targeting system administration tools
Google's Threat Intelligence Group has disrupted a planned mass attack on an open-source platform, citing hallucinated scores and textbook formatting as evidence of AI involvement in crafting the exploit.
Google's Threat Intelligence Group has confirmed the identification and disruption of a zero-day exploit developed with the assistance of artificial intelligence. This incident marks the first time the security firm has found evidence of AI involvement in the creation of such an attack, signalling a significant shift in how cyber threats are being engineered.
The malicious Python script targeted an unnamed open-source, web-based system administration tool, aiming to bypass its two-factor authentication system. Researchers discovered that the attack exploited a hardcoded trust assumption within the platform's security logic, allowing adversaries to gain unauthorised access without the required verification codes.
Analysis of the code revealed specific markers consistent with Large Language Model training data. These included a hallucinated CVSS score and a structured, textbook-style formatting that distinguished the script from manually written code. While Google explicitly states it does not believe its own Gemini model was used, the indicators suggest the exploit was refined by external AI tools.
The attack was part of a coordinated plan by prominent cyber crime threat actors to execute a mass exploitation event. Google managed to disrupt the specific exploit before it could be deployed, but the incident serves as a stark warning that adversaries are increasingly leveraging AI to discover vulnerabilities and refine attack payloads.
Beyond the immediate threat, the report highlights a broader trend where attackers are targeting the integrated components that grant AI systems their utility, such as autonomous skills and third-party data connectors. Security experts note that hackers are also employing persona-driven jailbreaking techniques to trick AI into finding security flaws for them.
As the industry grapples with the dual-use nature of generative models, this event underscores the urgent need for updated security frameworks. The growing reliance on AI for both defence and offence suggests that the next generation of cyber warfare will be defined by the speed and precision of algorithmic threat generation.
