Google GTIG: First AI-Generated Zero-Day Exploit Identified; State Actors Expand AI-Assisted Cyber Operations – May 2026
Impact Assessment Rationale
The attack was foiled before mass exploitation, limiting immediate loss potential. However, the demonstrated capability for AI-assisted zero-day development represents a significant escalation in the cyber threat landscape, with potential to increase frequency and severity of future insured cyber events globally.
Geographic Zone Matches
4 active matches
- JWC Listed Areas (rule-based, confidence 100%)
- TRIA Certified Areas (rule-based, confidence 100%)
- OFAC Sanctioned Countries (rule-based, confidence 100%)
- EU Sanctions List (rule-based, confidence 100%)
Geographic zone matches are RiskEvents spatial/analytical indicators, not coverage determinations or Lloyd's official classifications.
Summary
Google's Threat Intelligence Group (GTIG) has identified what it assesses with high confidence to be the first zero-day exploit developed with the help of AI, used against an unnamed open-source web-based system administration tool to bypass two-factor authentication. The structure of the Python exploit, including a hallucinated CVSS score and formatting characteristic of LLM training data, was the basis for that assessment. The attack was disrupted before mass exploitation. GTIG also reported broader trends: Chinese (APT27, APT45) and North Korean (UNC2814, UNC5673, UNC6201) threat actors using AI for vulnerability discovery, and Russian actors using AI-generated decoy code in malware and AI voice cloning in influence operations.
This summary is AI-generated from linked source reports and may change as more information becomes available. See our correction policy for how to report errors.
Structured Intelligence
known
- Google GTIG published a report on 11 May 2026 identifying what it believes is the first zero-day exploit developed with AI.
- The exploit targeted an unnamed open-source web-based system administration tool to bypass 2FA.
- The Python exploit code contained a hallucinated CVSS score and formatting characteristic of LLM training data, giving Google high confidence that AI was involved in developing it.
- Google rules out Gemini as the LLM used.
- The attack was disrupted before mass exploitation occurred.
- Chinese APT groups APT27 and APT45 and North Korean groups UNC2814, UNC5673, UNC6201 have been observed using AI for cyber operations.
- Russian actors used AI-generated decoy code in malware CANFAIL and LONGSTREAM, and AI voice cloning in 'Operation Overload'.
- PromptSpy Android backdoor uses Gemini APIs for autonomous device interaction.
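The indicators listed above (dense educational docstrings, a hallucinated CVSS score, textbook layout) can be turned into a first-pass triage check for a recovered script. The block below is an added example, not GTIG's tooling and not derived from the report; the thresholds, the regex wording it expects for a score claim, and the two sample scripts are this example's own assumptions, and both samples are constructed and benign. The one form of "hallucinated CVSS score" that can be checked offline is a stated score that the script's own CVSS vector does not produce, so the example recomputes the v3.1 base score from any vector it finds; a score tied to a CVE ID that does not exist would need an external lookup, which this does not do.

```python
"""Triage a Python script for the LLM-authorship indicators named above
(dense educational docstrings, a CVSS score that does not hold up).
Added example, not GTIG's tooling; thresholds, regexes and the sample
scripts are this example's own assumptions."""
import ast
import math
import re

# CVSS v3.1 base-metric weights (FIRST specification); _PR is keyed by scope.
_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.2}
_AC = {"L": 0.77, "H": 0.44}
_UI = {"N": 0.85, "R": 0.62}
_CIA = {"H": 0.56, "L": 0.22, "N": 0.0}
_PR = {"U": {"N": 0.85, "L": 0.62, "H": 0.27}, "C": {"N": 0.85, "L": 0.68, "H": 0.5}}

VECTOR_RE = re.compile(  # metric part of a v3.0/v3.1 vector string
    r"CVSS:3\.[01]/(AV:[NALP]/AC:[LH]/PR:[NLH]/UI:[NR]/S:[UC]/C:[HLN]/I:[HLN]/A:[HLN])")
SCORE_RE = re.compile(  # prose claim such as "CVSS v3.1 base score: 9.8" (assumed wording)
    r"CVSS[^\n]{0,40}?\bscore\b[^\n\d]{0,15}(\d{1,2}(?:\.\d)?)")


def _roundup(x):
    """CVSS v3.1 Roundup: round up to one decimal, tolerant of float noise."""
    i = round(x * 100000)
    return i / 100000.0 if i % 10000 == 0 else (math.floor(i / 10000) + 1) / 10.0


def cvss31_base_score(vector):
    """Base score for a metric string such as 'AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'."""
    m = dict(part.split(":") for part in vector.split("/"))
    iss = 1.0 - (1 - _CIA[m["C"]]) * (1 - _CIA[m["I"]]) * (1 - _CIA[m["A"]])
    changed = m["S"] == "C"
    impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15 if changed else 6.42 * iss
    exploitability = 8.22 * _AV[m["AV"]] * _AC[m["AC"]] * _PR[m["S"]][m["PR"]] * _UI[m["UI"]]
    if impact <= 0:
        return 0.0
    raw = impact + exploitability
    return _roundup(min(1.08 * raw if changed else raw, 10.0))


def docstring_stats(source):
    """Share of module/class/function definitions that carry a docstring."""
    defs = documented = doc_chars = 0
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.Module, ast.ClassDef, ast.FunctionDef, ast.AsyncFunctionDef)):
            defs += 1
            doc = ast.get_docstring(node)
            if doc:
                documented += 1
                doc_chars += len(doc)
    return {"definitions": defs, "coverage": documented / defs if defs else 0.0,
            "docstring_char_ratio": doc_chars / max(len(source), 1)}


def cvss_claims(source):
    """Pair each prose CVSS score with the scores the file's own vectors produce."""
    computed = [cvss31_base_score(v) for v in VECTOR_RE.findall(source)]
    claims = []
    for stated in (float(s) for s in SCORE_RE.findall(source)):
        if not computed:
            status = "unverifiable"  # a score with no vector to check it against
        elif any(abs(c - stated) < 0.05 for c in computed):
            status = "consistent"
        else:
            status = "mismatch"  # the offline-checkable form of a hallucinated score
        claims.append({"stated": stated, "computed": computed, "status": status})
    return claims


def triage(source, coverage_threshold=0.9, char_ratio_threshold=0.25):
    """Return docstring stats, CVSS claims and human-readable flags (thresholds assumed)."""
    stats, claims, flags = docstring_stats(source), cvss_claims(source), []
    if stats["definitions"] >= 3 and stats["coverage"] >= coverage_threshold:
        flags.append("every definition carries a docstring")
    if stats["docstring_char_ratio"] >= char_ratio_threshold:
        flags.append("docstring-heavy source")
    for c in claims:
        if c["status"] != "consistent":
            flags.append(f"stated CVSS score {c['stated']} is {c['status']}; vectors in file score {c['computed']}")
    return {"stats": stats, "cvss": claims, "flags": flags}


# Constructed, benign sample in textbook layout: every definition documented and a
# stated 9.8 that its own vector (which scores 6.5) does not support.
SAMPLE_LLM_STYLE = '''"""Proof of concept for a hypothetical web panel issue.

Severity: CVSS v3.1 base score: 9.8 (Critical)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
"""

def build_target_url(host: str, port: int) -> str:
    """Construct the base URL for the target from a hostname and a TCP port."""
    return f"http://{host}:{port}/"


def parse_status(body: str) -> bool:
    """Return True when the response body reports success."""
    return "success" in body.lower()
'''

# Constructed terse counter-example: no docstrings, no severity claim.
SAMPLE_TERSE = "def go(h):\n    return h + '/login'\n\n\ndef chk(b):\n    return 'ok' in b\n"
```

Run `triage(SAMPLE_LLM_STYLE)["flags"]` to see the three indicators fire on the constructed sample, and `triage(SAMPLE_TERSE)["flags"]` to confirm the terse script raises none. None of these signals is proof of AI authorship on its own; a careful human author also documents every function, and a vector/score mismatch can be a typo. The point is to surface candidates for the kind of manual review GTIG describes, not to decide provenance automatically.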
reported
- The vulnerability exploited is described as a high-level semantic logic bug, a category of flaw in which AI models are reported to excel.
- Threat actors are industrialising access to premium AI models via automated account creation, proxy relays, and account-pooling infrastructure.
- Google notified the affected software developer, enabling timely disruption.
uncertain
- The identity of the specific web administration tool targeted has not been disclosed.
- The specific LLM used by the threat actor to develop the exploit has not been identified.
- The identity of the threat actor responsible for the zero-day exploit has not been specified.
- The attribution of the zero-day development to a state or non-state actor remains unclear.
Sources
Trade Media
- BleepingComputer, 12 May 2026, 01:45
Mainstream Media
- The Guardian World, 12 May 2026, 02:10
Timeline
- Lifecycle changed: active → monitoring. Status changed to monitoring (auto-transitioned: no updates for 6 hours).
- Lifecycle changed: signal → active. Status changed to active (remediation: existing authoritative signal).
Corroborating source
Google's Threat Intelligence Group (GTIG) has reported that AI-powered hacking has escalated from a nascent problem to an industrial-scale threat within just three months. Criminal groups and state-linked actors are leveraging commercial AI models to refine and scale up cyberattacks, exploiting vulnerabilities across a broad range of software systems. The findings contribute to a growing global debate about AI's role as a powerful offensive tool in cybersecurity.
In just three months, AI-powered hacking has gone from a nascent problem to an industrial-scale threat, according to a report from Google. Criminal groups and state-linked actors appear to be using commercial models to refine and scale up attacks.
Source: The Guardian World (Mainstream Media) · View source
Initial Detection
"For the first time, GTIG has identified a threat actor using a zero-day exploit that we believe was developed with AI," GTIG researchers say. "The script contains an abundance of educational docstrings, including a hallucinated CVSS score, and uses a structured, textbook Pythonic format highly characteristic of LLMs' training data."
Source: BleepingComputer (Trade Media) · View source