Google: Hackers used AI to develop zero-day exploit for web admin tool - BleepingComputer
Hackers leveraged AI to create a zero-day exploit for a popular open-source web administration tool, bypassing its 2FA protection before the attack was widely deployed.
- Incident date
- May 2026
- Target
- Unnamed open-source web administration tool
In May 2026, Google's Threat Intelligence Group (GTIG) reported that hackers used AI to develop a zero-day exploit targeting a popular, but unnamed, open-source web administration tool. The AI-generated exploit was designed to bypass the tool's two-factor authentication (2FA).
What happened
GTIG researchers believe the exploit code was generated using AI due to its structure, educational docstrings (including a fabricated CVSS score), and textbook Pythonic format. The researchers noted that the nature of the exploited flaw was a high-level semantic logic bug, an area where AI excels, rather than typical vulnerabilities found via fuzzing. Google notified the software developer, disrupting the attack before it could be widely exploited. GTIG also noted that other threat actors have been using AI models for vulnerability discovery and exploit development, as well as AI voice cloning in social engineering attacks.