Google claims that it has discovered hackers using AI to develop "zero-day" vulnerability exploitation tools for the first time.

Google's security researchers said they believe that a cybercriminal group has developed a hacking tool using artificial intelligence that can bypass the defense mechanisms in software widely used to manage computer systems. According to a report released on Monday, this scheme was thwarted after Google issued an alert to the developers of the tool. The report stated that this was the first time Google's threat intelligence team had discovered hackers using AI-generated "zero-day" vulnerabilities in this way. Zero-day vulnerabilities are defects that the developer is not aware of, giving the defense side no time to patch before the vulnerability is exploited. Google stated that it is "highly confident" that artificial intelligence was used to help discover and weaponize this vulnerability. The company refused to disclose the cybercriminal group involved, the affected software, and the name of the large language model used in this failed attack. However, a spokesperson stated that researchers believe this vulnerability was not generated using Anthropic PBC's Mythos or Google's own Gemini model. Google did not provide more details on when this vulnerability was discovered, only describing it as "recent."