AI-Built Zero-Day: Google Foils Mass Cyberattack

A cybercriminal group nearly launched a mass attack using a software exploit built entirely by an artificial intelligence model. Google researchers say this AI-generated "zero-day" exploit was discovered by their Threat Intelligence Group. What's interesting is that the AI not only found a new vulnerability but also coded the exploit itself. This flaw bypassed two-factor authentication in a Python script targeting a popular open-source web administration tool. Google worked with the affected vendor to patch the flaw before the attack could happen. This vulnerability was unique because it wasn't a typical coding error. Instead, it was a high-level logic flaw that traditional security scanners would miss. AI models can understand the developer's intent and find contradictions in the code. Google believes an AI model was used for the technical work of discovering and coding the exploit, while humans directed the overall campaign. This shows AI can significantly change how cyberattacks are developed.