{"id":15799,"date":"2026-05-12T08:19:29","date_gmt":"2026-05-12T08:19:29","guid":{"rendered":"https:\/\/globalnewstoday.uk\/index.php\/2026\/05\/12\/google-ai-likely-aided-attackers-to-develop-a-zero-day-techzine-global\/"},"modified":"2026-05-12T08:19:29","modified_gmt":"2026-05-12T08:19:29","slug":"google-ai-likely-aided-attackers-to-develop-a-zero-day-techzine-global","status":"publish","type":"post","link":"https:\/\/globalnewstoday.uk\/index.php\/2026\/05\/12\/google-ai-likely-aided-attackers-to-develop-a-zero-day-techzine-global\/","title":{"rendered":"Google: AI likely aided attackers to develop a zero-day – Techzine Global"},"content":{"rendered":"

Google says it likely prevented a cyberattack in which hackers used AI to develop a zero-day vulnerability. According to the Google Threat Intelligence Group, the incident demonstrates how generative AI is increasingly shifting from a tool to an active component of cyberattacks.<\/strong>
The researchers<\/a> state that this is the first time they have observed an exploit that AI likely helped develop. It involved a vulnerability in a popular open-source web tool for system administration. This vulnerability allowed two-factor authentication to be bypassed, provided attackers already possessed valid login credentials.
According to Google, cybercriminals intended to use the vulnerability for a large-scale attack campaign. The company says it intervened together with the vendor before the exploit was actively abused. Google has not disclosed which group was behind the attack. However, the company says it has no evidence that Gemini was used.
According to Google, attackers are increasingly using AI for vulnerability research<\/a> and exploit development. Groups linked to China and North Korea, in particular, are reportedly actively experimenting with AI models to detect software flaws.
According to Google, attackers have models pose as security researchers or firmware experts to perform analyses on embedded systems and protocols. They also use datasets containing historical vulnerabilities to help models better reason about security flaws.
In addition, Google observes that attackers are deploying agentic tools to partially automate research and exploit validation. This shifts AI from a passive assistant to a system that independently executes parts of offensive workflows.
The report also describes malware that uses AI for obfuscation and autonomous task execution. Some malware families generate extra code with no direct function to make detection more difficult. Other variants dynamically adapt scripts or payloads to evade security software.
One example is PROMPTSPY, an Android backdoor that leverages Gemini functionality. According to Google, the malware can read a device\u2019s user interface, send information to a model, and then receive instructions to perform actions, such as clicking or swiping on specific screen elements.
In addition to AI abuse, Google also observes that AI ecosystems are increasingly being targeted. Attackers focus on libraries, plug-ins, API connectors, and other components related to AI platforms.
The report references, among other things, attacks on software projects such as LiteLLM and BerriAI. Through supply-chain attacks, criminals attempted to gain access to cloud credentials, GitHub tokens, and other sensitive data. According to Google, such attacks can lead not only to ransomware or data theft but also to the misuse of internal AI systems.
The publication comes at a time when AI companies are discussing the risks of powerful security models more explicitly. Anthropic recently postponed the rollout of its Mythos model due to concerns about misuse by criminals. The model is now available to a limited group of testers.
Google emphasizes that the same AI technology can also be used defensively. The company points to Big Sleep, an AI agent from Google DeepMind and Project Zero that searches for unknown vulnerabilities, and to CodeMender, an experimental system designed to automatically help repair vulnerabilities.<\/p>\n

AI<\/a> \/ Google Threat Intelligence Group<\/a> \/ malware<\/a> \/ Security<\/a>
"*<\/span>" indicates required fields
IT vendors often choose to market a solution as \u201cfull-stack AI,\u201d …
Agentic AI management has come to the fore as one of the primary capa…
Those who build in security only after the fact pay up to fifteen times the original cost. That\u2019s why a str…
A tampered version of the Checkmarx Jenkins AST plugin has appeared in the Jenkins Marketplace. The attack ha…
If anyone was ever forced to pick the tritest phrase in the world, it…
The new SOC in the Netherlands further strengthens mnemonic\u2019s regio…
Wireless connectivity is becoming a critical infrastructure for the A…
How do you ensure your company data is both secure and quickly recove…
“A Buyer’s Guide to Enterprise Linux” comprehensively analyzes the mo…
The\u00a0Data Protection Guide 2025 explores the essential strategies and…
The white paper “DNS Best Practices” by Infoblox presents essential g…
Techzine focusses on IT professionals and business decision makers by publishing the latest IT news and background stories. The goal is to help IT professionals get acquainted with new innovative products and services, but also to offer in-depth information to help them understand products and services better.
\u00a9 2026 Dolphin Publications B.V.
All rights reserved.<\/p>\n

source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Google says it likely prevented a cyberattack in which hackers used AI to develop a zero-day vulnerability. According to the Google Threat Intelligence Group, the incident demonstrates how generative AI is increasingly shifting from a tool to an active component of cyberattacks.The researchers state that this is the first time they have observed an exploit […]<\/p>\n","protected":false},"author":1,"featured_media":15800,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":{"0":"post-15799","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology"},"_links":{"self":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/posts\/15799","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/comments?post=15799"}],"version-history":[{"count":0,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/posts\/15799\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/media\/15800"}],"wp:attachment":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/media?parent=15799"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/categories?post=15799"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/tags?post=15799"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}