Google Discovers First AI-Made Zero-Day Exploit, Claims It Was Not Made With Gemini

Google has identified the first zero-day exploit developed with artificial intelligence, marking a significant escalation in cybersecurity risks. The Threat Intelligence Group (GITG) detected the vulnerability, which was intended for mass exploitation, and worked to neutralize the threat before it could be deployed. The company clarified that its own AI model, Gemini, was not involved in creating the exploit, though it acknowledged that threat actors associated with China and North Korea have shown interest in using AI for similar purposes. A zero-day exploit is particularly dangerous because it targets unknown vulnerabilities, leaving organizations with no time to prepare defenses. Google’s proactive discovery allowed the affected company to patch the flaw before attackers could exploit it. The report highlights the growing role of AI in cyber threats, as automated tools lower the barrier for developing sophisticated exploits. While Google did not specify which AI model or threat actor group was responsible, the incident underscores the need for stronger cybersecurity measures against AI-assisted attacks. The company’s findings suggest that state-backed actors may increasingly leverage AI to identify and weaponize vulnerabilities, posing a new challenge for global cybersecurity efforts. The disclosure comes amid broader concerns about AI’s dual-use potential, where advancements in generative models could be repurposed for malicious activities. Google’s response demonstrates the importance of collaboration between tech firms and cybersecurity teams to mitigate emerging risks. As AI tools become more accessible, the likelihood of similar exploits developing will rise, necessitating continuous vigilance and innovation in defense strategies.