Google says it has identified what it believes is the first real-world case of criminals using AI to discover and weaponize a zero-day vulnerability for a planned mass-exploitation campaign. In a report shared with The Register, Google's Threat Intelligence Group (GTIG) said the bug — a two-factor authentication bypass in a popular open-source web administration platform — was developed by criminals collaborating on a large-scale intrusion operation.

GTIG said the attackers appear to have used an AI model both to find the flaw and to help turn it into a working exploit. Google worked with the unnamed vendor to quietly patch the issue before the campaign could gain momentum, which it believes may have disrupted the operation. The company stressed that neither Gemini nor Anthropic's Mythos was involved, but said the exploit looked machine-made: the Python script contained "educational docstrings," a hallucinated CVSS score, and a polished, textbook structure suggestive of LLM output.

The underlying weakness, Google said, came from developers hard-coding a trust exception into the authentication flow, creating a gap that let attackers sidestep 2FA. Such high-level logic errors, the report noted, are exactly what frontier models are increasingly good at spotting: "While fuzzers and static analysis tools are optimized to detect sinks and crashes, frontier LLMs excel at identifying these types of high-level flaws and hardcoded static anomalies."

GTIG chief analyst John Hultquist said the AI vulnerability race "has already begun," warning that for every AI-traceable zero-day there are likely many more. The report places the case within a broader trend: North Korea's APT45 churning through thousands of exploit checks with AI, Chinese operators experimenting with automated vulnerability hunting, malware padded with AI-generated junk code, Android backdoors leveraging Gemini APIs, and Russian influence operations splicing AI-generated audio into real footage.