Technology

An AI wrote a working zero-day exploit — Google caught it first

Susan Hill

The exploit targeted two-factor authentication, the verification step that protects most accounts people care about — email, banking, cloud storage, work logins. The vulnerability, a semantic logic flaw in the tool’s Python code, let an attacker who already had stolen credentials walk past the 2FA check by triggering a hardcoded exception the developers never meant to expose. Google identified the bug, disclosed it to the affected vendor for a patch, and disrupted the planned attack before it could begin. What makes the discovery a first is not the bug itself but the way it was found.

Google’s analysts say the exploit code carried unmistakable fingerprints of a large language model — tutorial-style docstrings, structured formatting, and a writing style they describe as highly characteristic of LLM training data. The researchers concluded with high confidence that an AI model, not a human working alone, carried the bulk of the discovery and weaponization work. The affected company, the criminal group, and the name of the tool remain undisclosed.

That distinction matters because the flaw is the kind machines were not supposed to be good at finding. Traditional vulnerability scanners look for crashes and memory corruption. This one was a contradiction between the 2FA enforcement logic and a hardcoded exception — the type of bug a careful human auditor might catch by reading thousands of lines of code looking for inconsistencies. Frontier language models, Google notes, are increasingly able to do that kind of contextual reading at speeds no audit team can match.
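To make the bug class concrete, here is a constructed illustration of a 2FA check that contradicts itself through a hardcoded exemption, beside a hardened version and a small audit helper that flags the contradiction. This is added example code, not the affected tool's code; the client identifier, the legacy exemption and the helper name are all invented.

```python
from dataclasses import dataclass
from itertools import product

# Constructed model of a login decision. Every name and value is invented;
# it illustrates the bug class only, not the undisclosed tool.
@dataclass(frozen=True)
class LoginAttempt:
    password_ok: bool   # first factor already verified (e.g. stolen credentials)
    totp_ok: bool       # second factor verified
    client: str         # client identifier chosen by the caller

# The hardcoded exception: a client string meant for an internal migration
# script that was never removed. Because the caller picks the client string,
# the exemption is reachable by anyone who already holds valid credentials.
LEGACY_CLIENT = "migration-cli"   # constructed value

def login_vulnerable(a: LoginAttempt) -> bool:
    if not a.password_ok:
        return False
    if a.client == LEGACY_CLIENT:   # contradicts the "2FA for everyone" policy
        return True
    return a.totp_ok

def login_hardened(a: LoginAttempt) -> bool:
    # The second factor is required unconditionally; no caller-controlled exemption.
    return a.password_ok and a.totp_ok

def find_2fa_bypass(login, clients=("web", LEGACY_CLIENT)):
    """Audit helper: enumerate the small input space and return every attempt
    that is accepted although the second factor was NOT verified.
    An empty list means the implementation agrees with the stated policy."""
    return [
        LoginAttempt(p, t, c)
        for p, t, c in product((True, False), (True, False), clients)
        if login(LoginAttempt(p, t, c)) and not t
    ]

if __name__ == "__main__":
    print("vulnerable:", find_2fa_bypass(login_vulnerable))
    print("hardened:  ", find_2fa_bypass(login_hardened))
```

Running the audit against the vulnerable function reports exactly one accepted attempt without a verified second factor, which is the kind of policy-versus-implementation contradiction a reviewer (human or model) has to read the code to see; against the hardened function it reports none.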

The report also describes a wider pattern that has nothing to do with criminal groups. A Chinese-aligned cluster tracked as UNC2814 has used AI to accelerate vulnerability research on embedded devices. A North Korean group designated APT45 fed thousands of repetitive prompts to a language model to recursively analyze CVE entries and validate exploit proofs-of-concept. Different operators, same technique: turn the model into a tireless research assistant.

The Google account has limits worth naming. The company has not identified the affected tool, the threat actor, or the patch timeline, and asks readers to trust the AI-fingerprint conclusion on the strength of internal analysis alone. None of the third-party confirmations released this week add an independent forensic look at the exploit code itself. The high-confidence assessment is the word of the Google Threat Intelligence Group (GTIG) against the silence of the criminal group. It also remains true that the underlying bug — a hardcoded exception slip — is exactly the type of mistake human developers have made for decades without any AI help. The model may have accelerated the discovery; the flaw is older than the system that found it.

For the average user there is no immediate action item — the bug is in software run by IT teams, not on personal devices — but the broader implication is direct. The defensive perimeter most people rely on, from password managers to enterprise single sign-on, was designed against human attackers working at human speed. An AI-assisted attacker can read a codebase the way a senior engineer reads a paragraph. Defenders will have to do the same.

What is confirmed is that the affected vendor has been notified and is patching. The broader analysis was published as part of Google Cloud’s ongoing threat-intelligence series tracking AI use in offensive security on May 11, 2026. Google’s chief threat analyst John Hultquist told reporters in the days that followed that the AI-versus-defender race is already underway rather than imminent. A follow-up report on AI-enabled tooling is expected before the end of the second quarter.
