Google Thwarts the First Confirmed AI-Generated Zero-Day Hack — The Era of AI-Driven Exploitation Is Already Here

Oliver Grant

May 13, 2026


Google’s Threat Intelligence Group (GTIG) announced on May 11 that it had disrupted what it believes to be the first confirmed case of a criminal hacking group using artificial intelligence to build a zero-day exploit — a software vulnerability unknown to the developer — and deploy it in a planned mass cyberattack. The disclosure marks a watershed moment in cybersecurity that experts say validates years of warnings about AI’s potential to fundamentally change the threat landscape.

“It’s here,” said John Hultquist, chief analyst at GTIG. “The era of AI-driven vulnerability and exploitation is already here.” The statement — made to the Associated Press on May 11 — carries weight precisely because Hultquist has spent years cautioning that this moment was approaching. Now GTIG’s own intelligence has confirmed it arrived.

What Happened — The Technical Details

GTIG reported that it recorded hackers using an AI model to find and exploit a zero-day vulnerability in a widely used software tool for administering computer systems. The AI identified a previously unknown flaw — specifically a hard-coded trust exception in an authentication flow — that allowed attackers to bypass two-factor authentication entirely. The AI then helped turn that vulnerability into a usable exploit.

The exploit itself bore the hallmarks of AI involvement. According to GTIG’s report, the Python script used to build it included what Google described as ‘educational docstrings’ — explanatory comments in a style consistent with AI-generated code. It also contained a hallucinated CVSS vulnerability score and a polished textbook coding structure heavily influenced by large language model training data. The attackers planned to use it in what GTIG described as a ‘mass exploitation event’ — a simultaneous attack across multiple targets at scale.

Google worked with the unnamed affected vendor to quietly patch the issue before the campaign could gain traction, and stated that its proactive counter-discovery ‘may have prevented its use.’ The name of the criminal group was not disclosed. Google confirmed that neither its own Gemini model nor Anthropic’s Mythos model was involved in building the exploit.

Who Was Behind It

While GTIG declined to name the specific criminal group, the report noted that hacking groups linked to China and North Korea had ‘demonstrated significant interest in capitalizing on AI for vulnerability discovery.’ The report highlighted the tool OpenClaw — an AI-powered offensive security tool — as one of the instruments being actively used by threat actors to find vulnerabilities, launch cyberattacks, and develop malware. The implication is that AI offensive tools are no longer theoretical: they are in active use by nation-state-linked criminal organisations.

Why This Changes Everything

Prior to this disclosure, AI-assisted cyberattacks were documented, but the AI’s role was largely in planning, phishing, and social engineering — not in the technical construction of novel exploits. A zero-day built with AI assistance represents a qualitative escalation. Zero-day vulnerabilities are the most valuable currency in offensive cybersecurity because developers have zero time to patch them before exploitation begins.

The broader context makes this disclosure more alarming, not less. In April 2026, Anthropic delayed the rollout of its Mythos model specifically because internal testing found it could autonomously identify and exploit decades-old software vulnerabilities — including a 27-year-old flaw in OpenBSD and a 16-year-old bug in FFmpeg. That level of capability, pointed at real infrastructure by a criminal group willing to use it, is precisely the scenario GTIG has now documented occurring in the wild.

For security teams, the implication is stark: AI is compressing the timeline between vulnerability existence and active exploitation in ways that traditional patch management cycles cannot keep pace with. The question is no longer whether AI will be used to attack systems at scale — it already has been — but how defenders can respond at equivalent speed.