What happened
On May 11, Google's Threat Intelligence Group (GTIG) disclosed that it had identified and disrupted a zero-day exploit (a 2FA bypass in an unnamed open-source, web-based system administration tool) that was developed with the help of an AI model. The Python script showed hallmarks of LLM generation: educational docstrings, a hallucinated CVSS score, structured Pythonic formatting, detailed help menus, and ANSI color classes. The exploit targets a hardcoded trust assumption in the tool's 2FA logic, a high-level semantic flaw of the kind LLMs excel at spotting. GTIG assessed with high confidence that an AI model (not Google Gemini or Anthropic Claude Mythos) was used to facilitate both discovery of the flaw and development of the exploit.
Why it matters
This is the first confirmed in-the-wild zero-day developed with AI. It operationalizes years of research warnings: adversaries now have AI-assisted vulnerability discovery, which compresses the timeline from discovery to exploitation. The exploit targets a logic flaw rather than memory corruption, suggesting frontier LLMs have sufficient contextual reasoning to surface dormant semantic vulnerabilities. John Hultquist (Google's chief threat intelligence analyst) stated: 'It's here. The era of AI-driven vulnerability and exploitation is already here.' Criminal actors have the most to gain from AI's speed advantage in a ransomware/extortion race.
Applicability
All enterprises hosting web-based system administration tools should assume the exploitation window has compressed. Patch timelines that once took weeks now face hours-to-days threat windows. CISOs should: (1) assume adversaries will use AI to discover zero-days in your infrastructure; (2) accelerate patch deployment and incident response timelines; (3) monitor the CISA KEV catalog for zero-days developed with AI assistance (expected to increase); (4) expand red-team exercises to include AI-assisted vulnerability discovery; (5) harden assumption-based logic in authentication and authorization controls.