Alphabet (GOOGL) Stock: Google Just Found Hackers Using AI to Build Exploits

TLDR

• Google’s Threat Intelligence Group confirmed the first known case of hackers using AI to find and weaponize a zero-day vulnerability.
• The attack targeted a widely used open-source system administration tool and was blocked before mass exploitation.
• AI was used to bypass two-factor authentication by finding a hidden flaw in the software’s login logic.
• State-linked groups from North Korea and China are also testing AI in cyberattack workflows.
• Google’s chief analyst warned: “The AI vulnerability race isn’t imminent — it’s already begun.”

Alphabet’s (GOOGL) Google published a report Monday from its Threat Intelligence Group revealing what it believes to be the first confirmed case of cybercriminals using artificial intelligence to discover a zero-day vulnerability — and then build an exploit for it.

The attack targeted a widely used open-source system administration tool. Google said it was blocked before it could be used in a mass exploitation event. The company has since disclosed the flaw to the vendor.

GOOGL closed Monday at around $166, up modestly on the session, as the report drew attention to Google’s growing role in tracking AI-enabled threats.

Alphabet Inc., GOOGL

The vulnerability involved a hidden trust assumption in the software’s login logic. Hackers used AI to spot it — something conventional security tools had missed — and then used it to bypass two-factor authentication protections.

Google identified the attack as AI-generated based on specific code characteristics: overly explanatory comments, a fabricated severity rating for the bug, and coding patterns typical of AI-written Python scripts.

The criminal groups behind the attack were not named in the report. Google said multiple “prominent cybercrime threat actors” worked together to identify and weaponize the flaw.

What the Threat Intelligence Group Found

John Hultquist, chief analyst at Google’s Threat Intelligence Group, said the findings are likely “the tip of the iceberg.” He added that for every AI-linked zero-day Google can trace, there are “probably many more out there.”

The report also documented North Korean military hacking group APT45 using AI to test and validate thousands of exploits targeting known software flaws.

Chinese state-linked actors were also flagged as experimenting with AI in attack workflows, though techniques remain at early stages.

Google uncovered a separate piece of malware, dubbed PromptSpy, which uses Google’s own Gemini model to autonomously navigate Android devices — interpreting on-screen activity and issuing commands in real time with limited human input.

State-Backed Hackers Getting in on AI

The shift described in the report isn’t just criminals working faster. It’s about AI becoming an active component in cyberattacks — analyzing targets, writing code, and making decisions without a person in the loop.

That’s a different threat model than what most organizations have planned for.

Financial regulators in Europe have already flagged similar concerns, warning that rapidly evolving AI is increasing the speed and scale of cyber risks — particularly during a period of heightened geopolitical tension.

The report notes that Russia and North Korea-linked groups are also integrating AI into attack pipelines, though Google said all of these efforts are still relatively early in development.

Google said it has disclosed the zero-day flaw to the affected vendor after blocking the attempt.

The post Alphabet (GOOGL) Stock: Google Just Found Hackers Using AI to Build Exploits appeared first on CoinCentral.