The report also documented what Google believes may be the first observed case of an AI-assisted zero-day exploit intended for mass exploitation. This means that attackers have found a vulnerability known to the company and tried to exploit it. The exploit targeted a widely used open-source administration tool and attempted to bypass two-factor authentication through a logic flaw. “But our proactive counter discovery may have prevented its use,” the report stated.
But beyond individual users and enterprises, Google’s findings also point to a growing geopolitical dimension to AI-powered cyber operations. The report noted that state-backed threat actors linked to countries including China, Iran and North Korea are increasingly experimenting with generative AI tools to support cyber espionage, operational research and vulnerability analysis. While Google said it has not yet observed fully autonomous AI cyberattacks by state actors, researchers noted that these groups are actively testing how AI can improve operational efficiency. Huntley said the shift reflects how AI is lowering operational barriers across the threat landscape. “Every type of threat actor is trying to work out how to use AI to get better at what they’re doing,” he said. “Whether that’s exploit research, malware, phishing content or automating operations.”
Huntley said this reflects a broader industrialisation of cybercrime and cyber warfare ecosystems. “We’ve already seen ransomware and cybercrime become very efficient and industrialised,” he said. “AI is now accelerating that trend.” At the same time, Google argues that AI could also become one of cybersecurity’s biggest defensive tools. Huntley said cybersecurity teams globally continue to struggle with an overwhelming volume of threat data and a shortage of trained defenders.
“There’s never been enough defenders,” he said. “AI allows security teams to scale in ways that simply weren’t possible before.” Google itself is increasingly integrating AI into its own security operations through projects focused on identifying vulnerabilities and accelerating patching workflows.
Still, for Huntley, the central concern remains whether defenders can adapt quickly enough to the speed of AI-assisted attacks. “The biggest thing we need to avoid,” he said, “is defenders falling behind attackers in the use of technology.”
Click Here For The Original Source.
