Google said it disrupted a criminal group’s attempt to use artificial intelligence to exploit a previously unknown software flaw, marking what the company described as its first identified case of attackers using AI to help develop a zero-day exploit for large-scale attacks.
In a May 11 report, Google’s Threat Intelligence Group said the planned attack targeted a widely used open-source system administration tool, but was blocked before it could be used in a broader exploitation campaign.
Google warns AI hacking is entering a new phase
The findings add to growing concerns that AI is becoming more than a technical assistant for hackers, with attackers beginning to use the technology to find weaknesses, generate exploit code and automate parts of cyber operations.
John Hultquist, chief analyst at Google Threat Intelligence Group, said the case likely represents the “tip of the iceberg,” as criminal and state-backed groups test how far AI can be pushed inside hacking workflows.
Attackers move toward autonomous cyber tools
Google’s report said attackers are increasingly moving from early AI-assisted activity toward more industrial use of generative models, including malware development, defense evasion and autonomous attack orchestration.
The company highlighted AI-enabled malware such as PROMPTSPY, which can interpret system states, generate commands and manipulate victim environments, allowing attackers to offload more operational tasks to automated systems.
Google also said suspected Russia-linked actors have used AI to speed up malware development and evade detection, while other groups have sought hidden access to advanced AI models and targeted AI software dependencies as a way into wider networks.
Warnings rise across finance and government
Google’s report comes as regulators and financial officials grow more concerned that powerful AI systems could be used to accelerate attacks against banks, infrastructure and corporate networks.
Earlier this week, European Central Bank President Christine Lagarde said the ECB is studying how euro zone banks should defend themselves if models designed to identify code weaknesses are used by hostile actors.
That concern has been deepened by Anthropic’s limited rollout of Mythos to a small group of U.S. companies, leaving European supervisors unable to directly study a system they fear could eventually shape the cyber threat landscape.
Google’s report suggests those fears are no longer theoretical. As AI moves deeper into both defensive and offensive cybersecurity, companies and regulators are facing a rapidly evolving cyber threat landscape where the same tools built to find vulnerabilities can also help attackers exploit them.