AI-assisted hacking is already here, Google warns
Google's threat intelligence group reports the first known instance of cybercriminals using AI to identify and weaponize a zero-day vulnerability. The report also highlights ongoing efforts by nation-state actors from North Korea and China to integrate AI into their cyberattack capabilities.
open_in_new
Read the original article: https://axios.com/2026/05/12/ai-hacking-found-google-report
analyticsAnalysis
20%
Propaganda Score
confidence: 95%
Minor concerns. Some persuasive language detected, but largely factual.
psychologyDetected Techniques
warning
Loaded Language
80% confidence
Using words with strong emotional connotations to influence an audience.
warning
fact_checkFact-Check Results
8 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.
check_circle
Corroborated
6
verified
Verified By Reference
2
“Google says it has identified what may be the first known case where cybercriminals used AI to discover and weaponize a previously unknown zero-day vulnerability.”
CORROBORATED
Multiple independent web sources (Google News, Decrypt, and another news report) confirm that Google identified a case where cybercriminals used AI to find and weaponize a zero-day vulnerability.
travel_explore
web search
NEUTRAL
— Google says cybercriminals used AI to develop zero-day exploit.Google Says Criminal Hackers Used A.I. to Find & Weaponize Zero-Day Vulnerability.
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
travel_explore
web search
NEUTRAL
— Cybercriminals used an AI model to find and weaponize a previously unknown software flaw, Google's threat team confirmed Monday.
https://decrypt.co/367477/hackers-ai-zero-day-exploit-google
https://decrypt.co/367477/hackers-ai-zero-day-exploit-google
travel_explore
web search
NEUTRAL
— Criminal hackers used AI to find their first zero-day exploit, targeting web admin tools with machine-generated code that bypassed security defenses.
https://tech.yahoo.com/cybersecurity/articles/google-says-cr…
https://tech.yahoo.com/cybersecurity/articles/google-says-cr…
“Google's threat intelligence group said in a report Monday that it found evidence of several "prominent cyber crime threat actors" partnering to identify a bug in a Python script that would let them bypass two-factor authentication on a popular open-source system.”
CORROBORATED
Multiple sources confirm Google's threat intelligence group reported the use of AI to create a zero-day 2FA bypass in an open-source admin tool involving a Python script.
travel_explore
web search
NEUTRAL
— Google identified the first malicious AI use for a zero-day 2FA bypass in an open-source admin tool, accelerating threat actor operations.
https://thehackernews.com/2026/05/hackers-used-ai-to-develop…
https://thehackernews.com/2026/05/hackers-used-ai-to-develop…
travel_explore
web search
NEUTRAL
— Beyond cybercrime groups, GTIG observed PRC- and DPRK-linked threat actors systematically leveraging AI to discover vulnerabilities at scale.
https://cybersecuritynews.com/ai-zero-day-exploit/
https://cybersecuritynews.com/ai-zero-day-exploit/
travel_explore
web search
NEUTRAL
— On Monday, Google revealed that it had detected an unidentified threat actor leveraging a zero-day exploit, which the company believes was likely created using an artificial intelligence (AI) system. …
https://technologiesdigest.com/hackers-used-ai-to-develop-fi…
https://technologiesdigest.com/hackers-used-ai-to-develop-fi…
“The groups... used AI-assisted code to weaponize the previously unknown vulnerability, according to the report.”
CORROBORATED
Multiple sources explicitly state that the hackers used an AI model to identify the weakness and assist in creating the exploit/weaponizing the vulnerability.
travel_explore
web search
NEUTRAL
— Criminal hackers just crossed a digital Rubicon. Google’s Threat Intelligence Group caught the first confirmed case of cybercriminals using AI to discover and weaponize a zero-day vulnerability—a prev…
https://www.gadgetreview.com/google-says-criminal-hackers-us…
https://www.gadgetreview.com/google-says-criminal-hackers-us…
travel_explore
web search
NEUTRAL
— A cybercrime group used an AI model to find and exploit an unknown flaw in a web-based system administration tool, Google researchers say.
https://qz.com/google-hackers-ai-zero-day-vulnerability-hack…
https://qz.com/google-hackers-ai-zero-day-vulnerability-hack…
travel_explore
web search
NEUTRAL
— What makes this incident historically important is the role AI played in discovering the vulnerability. Google investigators found evidence suggesting the hackers used an advanced AI model to identify…
https://newshastag.com/google-disrupts-hackers-using-ai-to-e…
https://newshastag.com/google-disrupts-hackers-using-ai-to-e…
“The attempt to exploit the unidentified open-source system was thwarted, and Google said it has since disclosed the flaw to the vendor.”
CORROBORATED
Web search results confirm that Google spotted the attempt in a planned mass exploitation campaign and helped fix/disclose the flaw before widespread use.
travel_explore
web search
NEUTRAL
— A zero-day is a vulnerability or security hole in a computer system unknown to its developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a…
https://en.wikipedia.org/wiki/Zero-day_vulnerability
https://en.wikipedia.org/wiki/Zero-day_vulnerability
travel_explore
web search
NEUTRAL
— The zero-day flaw was detected by the Google Threat Intelligence Group within the past few months and was exploited by “prominent cybercrime threat actors” in a script of the Python programming langua…
https://www.nytimes.com/2026/05/11/us/politics/google-hacker…
https://www.nytimes.com/2026/05/11/us/politics/google-hacker…
travel_explore
web search
NEUTRAL
— Threat actors used AI to create the first known zero-day 2FA bypass on a popular open-source admin tool. Google spotted it in a planned mass exploitation campaign and helped fix it before widespread u…
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
“Google based its assessment on characteristics common in AI-generated code, including overly explanatory comments in the code, a made-up severity rating for the bug and coding patterns commonly seen in AI-generated Python scripts.”
VERIFIED BY REFERENCE
The provided evidence for this claim consists of generic search results about AI code detectors and Google AI Studio, but does not contain the specific details from the Google report regarding 'overly explanatory comments' or 'made-up severity ratings'.
menu_book
wikipedia
NEUTRAL
— Artificial intelligence visual art, or AI art, is visual artwork generated or enhanced through the implementation of artificial intelligence (AI) programs, most commonly using text-to-image models. Th…
https://en.wikipedia.org/wiki/AI_art
https://en.wikipedia.org/wiki/AI_art
menu_book
wikipedia
NEUTRAL
— Geoffrey Everest Hinton (born 6 December 1947) is a British-Canadian computer scientist, cognitive scientist, cognitive psychologist and Nobel Prize laureate known for his work on artificial neural ne…
https://en.wikipedia.org/wiki/Geoffrey_Hinton
https://en.wikipedia.org/wiki/Geoffrey_Hinton
menu_book
wikipedia
NEUTRAL
— Google AI Studio is a web-based integrated development environment developed by Google for prototyping applications using generative AI models. Released in December 2023 alongside the Gemini API, the …
https://en.wikipedia.org/wiki/Google_AI_Studio
https://en.wikipedia.org/wiki/Google_AI_Studio
+ 3 more evidence sources
“North Korean and Chinese state actors are experimenting with AI in a variety of ways to exploit vulnerabilities, according to the report.”
CORROBORATED
Web search results confirm that Google's Threat Intelligence Group observed PRC- (Chinese) and DPRK- (North Korean) linked threat actors leveraging AI to discover vulnerabilities at scale.
menu_book
wikipedia
NEUTRAL
— The demographics of North Korea are determined through national censuses and international estimates. The Central Bureau of Statistics of North Korea conducted the most recent census in 2008, where th…
https://en.wikipedia.org/wiki/Demographics_of_North_Korea
https://en.wikipedia.org/wiki/Demographics_of_North_Korea
menu_book
wikipedia
NEUTRAL
— The economy of North Korea is a centrally planned economy, following Juche, where the role of market allocation schemes is limited, although increased to an extent. As of 2024, North Korea continues …
https://en.wikipedia.org/wiki/Economy_of_North_Korea
https://en.wikipedia.org/wiki/Economy_of_North_Korea
menu_book
wikipedia
NEUTRAL
— AI slop (also known as slop content or simply as slop) is digital content made with generative artificial intelligence that is perceived as lacking in effort, quality, or meaning, and produced in high…
https://en.wikipedia.org/wiki/AI_slop
https://en.wikipedia.org/wiki/AI_slop
+ 3 more evidence sources
“researchers found APT45, a North Korean military group, using AI to test and validate thousands of exploits targeting software flaws.”
CORROBORATED
Two independent sources (byteiota and another news report) specifically name APT45 as a North Korean group using thousands of repetitive AI prompts to analyze CVEs and validate exploits.
travel_explore
web search
NEUTRAL
— A 16-point compass rose with north highlighted and at the top North is one of the four compass points or cardinal directions. It is the opposite of south and is perpendicular to east and west. North i…
https://en.wikipedia.org/wiki/North
https://en.wikipedia.org/wiki/North
travel_explore
web search
NEUTRAL
— North Korea’s APT45 is sending “thousands of repetitive prompts” that recursively analyze different CVEs, building exploit arsenals “impractical to manage without AI assistance,” according to Google’s…
https://byteiota.com/google-catches-first-ai-generated-zero-…
https://byteiota.com/google-catches-first-ai-generated-zero-…
travel_explore
web search
NEUTRAL
— The North Korean threat actor known as APT45 (aka Andariel and Onyx Sleet) sent "thousands of repetitive prompts" that recursively analyze different CVEs and validate proof-of-concept (PoC) exploits.
https://thehackernews.com/2026/05/hackers-used-ai-to-develop…
https://thehackernews.com/2026/05/hackers-used-ai-to-develop…
“Google also uncovered malware, dubbed PromptSpy, that uses Gemini to autonomously navigate Android devices by interpreting on-screen activity and generating commands in real time.”
VERIFIED BY REFERENCE
The provided evidence for this claim consists of general Wikipedia entries for Google, Microsoft Copilot, and OpenAI. There is no mention of 'PromptSpy' or malware using Gemini to navigate Android devices in the provided evidence.
menu_book
wikipedia
NEUTRAL
— Google LLC ( , GOO-gəl) is an American multinational technology corporation focused on information technology, online advertising, search engine technology, email, cloud computing, software, quantum c…
https://en.wikipedia.org/wiki/Google
https://en.wikipedia.org/wiki/Google
menu_book
wikipedia
NEUTRAL
— Microsoft Copilot is a generative artificial intelligence chatbot developed by Microsoft AI, a division of Microsoft. Based on OpenAI's GPT-4 and GPT-5 series of large language models, it was launched…
https://en.wikipedia.org/wiki/Microsoft_Copilot
https://en.wikipedia.org/wiki/Microsoft_Copilot
menu_book
wikipedia
NEUTRAL
— OpenAI Group PBC, doing business as OpenAI, is an American artificial intelligence (AI) research organization headquartered in San Francisco, consisting of a for-profit public benefit corporation (PBC…
https://en.wikipedia.org/wiki/OpenAI
https://en.wikipedia.org/wiki/OpenAI
+ 3 more evidence sources
info
Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.