Google has disclosed the discovery of a zero-day exploit weaponized by an unknown threat actor using an AI system, marking a significant milestone in malicious vulnerability discovery. The exploit, a Python script targeting a popular open-source system administration tool, bypasses two-factor authentication (2FA) by leveraging a high-level semantic logic flawβa task where Large Language Models (LLMs) excel. The identified script contained hallmarks of AI generation, including educational docstrings and structured Pythonic formatting.
Beyond zero-day generation, threat actors like UNC2814 and APT45 are using AI for persona-driven jailbreaking and automated exploit validation. Other campaigns, such as the Android-based PromptSpy, utilize AI to analyze user interfaces and autonomously navigate compromised devices. The report also highlights a growing grey market of "shadow APIs" that allow actors to bypass regional restrictions on models like Claude and Gemini while exposing users to significant data risks.
Top comments (0)