Google said it has seen the first evidence of cybercriminals using AI to create a zero-day vulnerability, Politico reported .
Google reported the findings to the unnamed company affected by the flaw before releasing its report. The company later issued a patch to fix the issue.
Google Threat Intelligence Group researchers detailed the finding in a report released Monday.
Zero-day exploits are among the most serious security flaws because security companies have not yet detected them, and no known fix exists when they are discovered.
The report said this was the first time Google had seen evidence of AI being used to develop such vulnerabilities. The finding suggests newer AI models could be used not only to find major exploits, but also to create them.
Google concluded that Anthropic’s Claude Mythos model was most likely not used to create the zero-day exploit.
Claude Mythos has already found thousands of vulnerabilities across major operating systems and web browsers, according to the report.
The Google Threat Intelligence Group report also described efforts by Russia-linked hacking groups to use AI models to target Ukrainian networks with malware.
The report also said the North Korean government hacking group APT45 used AI technologies to refine and expand its cyber methods.
John Hultquist, chief analyst at Google Threat Intelligence Group, said the findings show that the race to use AI to find network vulnerabilities has “already begun.”
Hultquist said that for every zero-day traced back to AI, there are likely many more that have not yet been found.
He added that threat actors are using AI to increase the speed, scale, and sophistication of their attacks.
📢 For the latest Tech & Telecom news, videos and analysis join ProPakistani's WhatsApp Group now!
Follow ProPakistani on Google News & scroll through your favourite content faster!
Shares
