Google2026-05-11
Google catches first confirmed AI-generated zero-day exploit in the wild

AI Analysis
Google's Threat Intelligence Group (GTIG) confirmed the first known case of criminals using AI to build a working zero-day exploit — a Python-based 2FA bypass — and says it averted a planned 'mass exploitation event'. GTIG identified the AI-authored code by its telltale Python docstrings, over-annotation, and a hallucinated CVSS score, and explicitly ruled out Gemini and Anthropic's Mythos as the underlying model. North Korea's APT45 is among the attackers using LLMs to weaponize disclosed vulnerabilities.