Google discovers weaponized zero-day exploits created with AI

https://www.csoonline.com/article/4169046/google-discovers-weaponized-zero-day-exploits-created-with-ai.html

Publish Date: 2026-05-11 09:03:00

Source Domain: www.csoonline.com

“We observed prominent cyber crime threat actors partnering to plan a mass vulnerability exploitation operation,” GTIG researchers wrote in a new report about AI abuse by malicious attackers. “Our analysis of exploits associated with this campaign identified a zero-day vulnerability implemented in a Python script that enables the user to bypass two-factor authentication (2FA) on a popular open-source, web-based system administration tool.”

While GTIG hasn’t named the impacted tool, the team disclosed the vulnerability to the vendor and possibly hindered mass exploitation. Such incidents may become more common, however, as AI models’ reasoning capabilities are advancing to the point where they can discover high-level logic flaws rather than just basic memory corruption and improper input sanitization bugs.

This was the case with the discovered Python 2FA bypass exploit, which required credentials to exploit but stemmed from the tool’s developers hardcoding an ineffective trust assumption.

“Though frontier LLMs struggle to navigate complex enterprise authorization logic, they have an increasing ability to perform contextual reasoning, effectively reading the developer’s intent to correlate the 2FA enforcement logic with the contradictions of its hardcoded exceptions,” the GTIG researchers concluded. “This capability can allow models to surface dormant logic errors that appear functionally correct to traditional scanners but are strategically broken from a security perspective.”
