Hackers used AI to discover and weaponize a zero-day for the first time (www.techradar.com)

🤖 AI Summary
The Google Threat Intelligence Group (GTIG) has reported the unprecedented use of AI by hackers to discover and exploit a zero-day vulnerability, enabling them to bypass two-factor authentication (2FA). This vulnerability originated from a semantic logic flaw due to a hardcoded 'trust assumption' in a popular open-source system administration tool, showcasing a new level of sophistication in cyberattacks where threat actors can leverage AI at an 'industrial scale'. The attack was thwarted before mass exploitation could occur, thanks to GTIG's timely intervention. This incident underscores a significant paradigm shift in cybersecurity, as AI models can effectively interpret developer intent and recognize security flaws that traditional scanning tools often overlook. The successful identification of the zero-day was facilitated by context-aware reasoning capabilities inherent in large language models (LLMs) and was further aided by the rich educational content in the Python script used by the developers. GTIG has also observed state-sponsored groups exploiting AI for 'persona-driven' jailbreaking and leveraging extensive vulnerability datasets, emphasizing the need for stronger protective measures in software development to counteract these evolving threats.