For the first time, Google says it has spotted and stopped a zero-day exploit developed with AI. According to a report from Google Threat Intelligence Group (GTIG), "prominent cyber crime threat actors" were planning to use the vulnerability for a "mass exploitation event" that would have allowed them to bypass two-factor authentication on an unnamed […]
Tech AI News Google stopped a zero-day hack that it says was developed with AI Google researchers found evidence in the exploit’s code that it may have been created using AI, like a ‘hallucinated’ CVSS score.
Google researchers found evidence in the exploit’s code that it may have been created using AI, like a ‘hallucinated’ CVSS score.
by Stevie Bonifield May 11, 2026, 4:09 PM UTC Link Share Gift If you buy something from a Verge link, Vox Media may earn a commission.
See our ethics statement.
Illustration by Cath Virginia / The Verge | Photos from Getty Images Stevie Bonifield is a news writer covering all things consumer tech. Stevie started out at Laptop Mag writing news and reviews on hardware, gaming, and AI.
For the first time, Google says it has spotted and stopped a zero-day exploit developed with AI. According to a report from Google Threat Intelligence Group (GTIG), “prominent cyber crime threat actors” were planning to use the vulnerability for a “mass exploitation event” that would have allowed them to bypass two-factor authentication on an unnamed “open-source, web-based system administration tool.” Google’s researchers found hints in the Python script used for the exploit that indicated help from AI, like a “hallucinated CVSS score” and “structured, textbook” formatting consistent with LLM training data. The exploit takes advantage of “a high-level semantic logic flaw where the developer hardcoded a trust assumption” in the platform’s 2FA system. This follows weeks of hand-wringing over the capabilities of cybersecurity-focused AI models like Anthropic’s Mythos and a recently disclosed Linux vulnerability that was discovered with AI assistance.
Related Attack of the killer script kiddies It’s the first time Google has found evidence that AI was involved in an attack like this, although Google’s researchers note that they “do not believe Gemini was used.” Google says it was able to “disrupt” this particular exploit, but also says hackers are increasingly using AI to find and take advantage of security vulnerabilities. The report also mentions AI as a target for attackers, saying “GTIG has observed adversaries increasingly target the integrated components that grant AI systems their utility, such as autonomous skills and third-party data connectors.” Google’s report also details how hackers are using “persona-driven jailbreaking” to get AI to find security vulnerabilities for them, like an example prompt that instructs the AI to pretend it’s a security expert. Hackers are also feeding AI models whole repositories of vulnerability data and using OpenClaw in ways that suggest “an interest in refining AI-generated payloads within controlled settings to increase exploit reliability prior to deployment.” Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
Stevie Bonifield AI Google News Security Tech Most Popular Most Popular Logitech’s tiny folding mouse improves upon the laptop trackpad Writers are fleeing the Substack Tax Forza Horizon 6 has been leaked and cracked a week before its release Vivo’s X300 Ultra has the best cameras in any phone Netflix may have finally figured out games The Verge Daily A free daily digest of the news that matters most.
Email (required) Sign Up By submitting your email, you agree to our Terms and Privacy Notice .
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Advertiser Content From This is the title for the native ad
