Particle.news

Google Flags First AI-Built Zero-Day After Foiling Planned Mass Exploit

Google calls the case an early sign of attackers using AI to hack faster and at scale.

Overview

  • Google’s Threat Intelligence Group, in a report released Monday, said a prominent cybercrime group used an AI model to craft a Python exploit for a popular open-source web administration tool.
  • The exploit created a way to bypass two-factor authentication once a valid username and password were known, and Google worked with the vendor to patch the flaw before a large-scale campaign could launch.
  • A zero-day is a software bug unknown to the developer, which gives attackers a window to break in before a fix exists.
  • Google cited telltale AI fingerprints in the code, including tutorial-style docstrings, a hallucinated CVSS severity score, and textbook Python formatting, and it said neither Gemini nor Anthropic’s Mythos powered the effort.
  • The report warns that both criminal and state-linked actors in China, North Korea, and Russia are testing AI for finding flaws, building malware, and automating attacks, which could shrink defenders’ response time.