Google stopped a zero-day hack that it says was developed with AI

AI Summary

Google has identified and prevented a zero-day exploit that was developed using AI techniques. This vulnerability could have allowed cybercriminals to bypass two-factor authentication on a web-based administration tool, indicating advanced malicious intent leveraged by artificial intelligence.

For the first time, Google says it has spotted and stopped a zero-day exploit developed with AI. According to a report from Google Threat Intelligence Group (GTIG), "prominent cyber crime threat actors" were planning to use the vulnerability for a "mass exploitation event" that would have allowed them to bypass two-factor authentication on an unnamed "open-source, web-based system administration tool." Google's researchers found hints in the Python script used for the exploit that indicated help from AI, like a "hallucinated CVSS score" and "structured, textbook" formatting consistent with LLM training data. The exploit takes advantage of … Read the full story at The Verge.