Overview
- Google’s Threat Intelligence Group detailed what it calls the first case of an AI-assisted zero-day, a previously unknown flaw embedded in a Python script that let users bypass two-factor authentication on a popular open‑source web admin tool, and the vendor has already shipped a patch.
- The IMF warned that advanced models like Anthropic’s Claude Mythos can find software weaknesses in very little time, creating the risk of correlated failures across banks and a potential macrofinancial shock that could disrupt payments and erode trust.
- The IMF also highlighted unequal protection as large firms such as JPMorgan Chase, Amazon and Microsoft receive early access to security fixes while many banks in emerging markets remain exposed.
- Google’s AI Threat Tracker says criminals now use generative AI to scale exploits, hide malware and evade safeguards, citing North Korea‑linked APT45 and China‑linked APT27, and notes experiments with agent tools like OpenClaw and OneClaw, which VirusTotal now helps police by scanning posted skills.
- Investment and adoption continue to surge as AI drew 61% of global venture capital in 2025 and companies plan major spending, yet KPMG finds many enterprises still lack mature governance, data protection and cybersecurity even as militaries like Spain’s push to keep humans responsible for critical decisions.