Overview
- Google’s Threat Intelligence Group says criminals used generative AI to discover an unknown software flaw and craft an exploit for it, and that the team shut the effort down during development.
- The planned campaign targeted a popular remote administration tool and aimed to bypass its two-factor login, though Google did not name the product or the group.
- Google classified the bug as a zero-day, meaning the vendor did not know about it or have a fix, which makes such flaws highly valuable to attackers.
- Security researchers report that generative systems help less-skilled hackers find weaknesses and write attack code, which raises the number of opportunistic attacks on people and small businesses.
- Defenders can cut risk by installing updates quickly, turning on strong multi-factor authentication, hardening admin tools, and watching for unusual sign-ins or access patterns.