Google says it has already stopped a criminal group from using artificial intelligence to exploit a previously unknown flaw in a company’s digital defenses, a reminder that the AI security scare is no longer theoretical. The company says the attackers were planning a larger operation around a zero-day vulnerability, and that they had used an AI large language model to help uncover the bug before Google intervened.
That’s the uncomfortable part for defenders: the same software that helps people write emails and code is now helping criminals move faster through the messy plumbing of corporate systems. Google did not name the target, the attackers, or the AI model involved, but it said the case fits a pattern experts have been warning about for years – one where hackers use AI to speed up the hunt for weak spots before security teams can patch them.
How the AI zero-day attack bypassed two-factor authentication
According to Google, the flaw let the attackers get around two-factor authentication and access a popular online system administration tool. The company said it notified the affected organization and law enforcement, and disrupted the operation before any damage was done. That matters because system admin tools are the keys to the kingdom; once someone gets in, the blast radius can get ugly fast.
Google called it a zero-day exploit, meaning the vulnerability was unknown until it was used and there were zero days to prepare a fix. The broader worry is that AI compresses the time between discovery and abuse, which is great if you are patching software and terrible if you are stealing credentials for ransomware or extortion.
AI tools are improving on both sides
The timing is awkward for defenders because AI systems are getting better at finding bugs. Anthropic announced its Mythos model about a month ago, while OpenAI said Friday it was rolling out a cybersecurity-focused version of ChatGPT for defenders responsible for critical infrastructure. That split-screen is now the defining feature of the sector: one side automates patching and detection, the other side automates probing and exploitation.
Google said it does not believe the incident was tied to an adversarial government, though it also said groups linked to China and North Korea have been exploring similar techniques. Criminal gangs may have the biggest incentive here: speed helps them find weaknesses, weaponize them, and cash out before defenders catch up. State-backed operators tend to be patient; ransomware crews are rarely known for their restraint.
Washington is sending mixed signals on AI oversight
The case lands while the U.S. government is still arguing with itself about how much to regulate powerful AI models before release. Trump’s Commerce Department said last week it had new agreements with Google, Microsoft and Elon Musk’s xAI to evaluate their most capable systems, then the announcement disappeared from the department’s website. Meanwhile, the administration has already rolled back Biden-era guardrails, which leaves the policy picture looking less like a strategy and more like a group chat.
That uncertainty matters because the threat is scaling faster than the software beneath it can be hardened. Dean Ball, a former White House tech policy adviser, says the long-term upside is real, but the world is entering a transitional stretch where millions of lines of code remain exposed while AI makes it easier to find the weak seams. The next question is whether governments can set rules quickly enough to slow the abuse, or whether the industry has to learn the hard way first.