For years, security experts warned that AI would eventually give hackers a dangerous new edge. That moment has arrived.
Google’s Threat Intelligence Group has published a report confirming that a criminal hacking group used an AI model to discover a zero-day vulnerability and nearly pulled off a mass cyberattack. Google says it caught and stopped the attack before the hackers could deploy the attack at scale.
What exactly happened, and how serious was it?
The exploit targeted a popular open-source web-based system administration tool, the kind businesses use to remotely manage servers, employee accounts, and security settings.
Had it gone undetected, it would have let hackers bypass two-factor authentication, which is often the last line of defense protecting accounts.
The attackers planned to deploy it in a mass exploitation event targeting multiple organizations at once. Google alerted the tool’s developer in time for a patch to be issued before any damage was done.
The company declined to name the hacking group, the specific software targeted, or which AI model was used, but confirmed it was not Google’s own Gemini.
According to Google, groups linked to China and North Korea have also shown significant interest in using AI tools like OpenClaw for vulnerability discovery.
Is AI becoming cybersecurity’s biggest weak point?
The Google attack is alarming, but it’s far from isolated. Georgia Tech researchers recently uncovered VillainNet, a hidden backdoor that embeds itself inside self-driving car’s AI and works 99% of the time when triggered.
Meanwhile, a Korean research team showed that AI models can be reverse-engineered remotely using a small antenna through walls, no system access needed. Recently, a group of Discord users bypassed access controls to reach Anthropic’s restricted Mythos model through a third-party vendor environment.
On the defense side, a growing discipline called AI pentesting is emerging to stress-test how language models behave when exposed to adversarial inputs, but the field is still in its early stages.
