HACKERS USED AI TO BUILD A ZERO-DAY EXPLOIT — FIRST CONFIRMED CASE IN HISTORY
This is the one cybersecurity researchers have been warning about. Google’s Threat Intelligence Group confirmed this week that it has high confidence a criminal hacker group used an AI system to discover and exploit a zero-day vulnerability — the first known real-world case of AI being weaponized for cyber attack at this level.
The exploit targeted a popular open-source web administration tool and was engineered to bypass two-factor authentication. The group was building toward a mass exploitation event. Google says it moved fast enough to counter the threat before it could be deployed at scale, but the fact it got this far changes the conversation entirely.
For years, security experts theorized about this moment. AI could accelerate vulnerability discovery dramatically, allowing even mid-tier threat actors to punch well above their weight. This confirms it is no longer theoretical. North Korean hackers, Chinese state-linked operators, and unnamed criminal groups are all reportedly experimenting with AI for attack automation.
The defense community is scrambling. AI-assisted attack development means the window between a vulnerability existing and being weaponized could shrink from months to days — or hours. Every organization running internet-facing systems needs to treat this as a fire alarm, not a distant warning.
Keywords: AI zero-day exploit, hackers AI cyberattack, Google threat intelligence, AI cybersecurity 2026