Hacker News
Google TIG Reports First AI-Generated Zero-Day Exploit Used by Criminal Hackers — Confirmed by Bloomberg, CNBC, NYT
Google's Threat Intelligence Group documented the first case of criminal hackers using an AI model to develop a zero-day exploit — a two-factor authentication bypass in an open-source web administration platform intended for mass exploitation. Google assessed with high confidence that the exploit code bore hallmarks of LLM generation and was designed for a large-scale campaign that Google's proactive discovery may have prevented. The story drew multi-source confirmation from Bloomberg, CNBC, The Register, Engadget, and the NYT (188 points on HN), with Google also reporting North Korean APT45 using AI to churn through exploit checks at scale.
↳ Follow the thread