Hackers Are Now Using AI to Create Zero-Day Exploits

Even though AI is making day-to-day life easier, the same technology could also play a big role in harmful activities. A recent case has come to light, highlighting the risks of AI in cybersecurity. Google believes hackers may have used AI to create a zero-day exploit, though the company stopped it before it could be used in attacks.
A case of an AI-linked zero-day exploit emerges
In recent years, cybercriminal groups have become increasingly interested in AI for vulnerability development. The Google Threat Intelligence Group (GTIG) has recently identified a threat actor using a zero-day exploit that researchers believe was built with AI. This is the first time GTIG has observed such activity. The good news is that GTIG has stopped the threat activity by working with the affected vendor.
“The criminal threat actor planned to use it in a mass exploitation event but our proactive counter discovery may have prevented its use,” said the company. The exploit targeted a security weakness in a popular open-source, web-based system administration tool. The weakness allowed attackers to bypass two-factor authentication (2FA), making it easier to access systems.

Google said it does not believe its Gemini model was used for the exploit. However, the code’s structure and content suggest the attackers likely used an AI model. This probably allowed the hackers to identify and weaponize the security flaw. The script included a host of educational docstrings, including a hallucinated CVSS score. Furthermore, it used a highly structured Pythonic format that is characteristic of large language model training data.
John Hultquist, chief analyst at Google Threat Intelligence Group, said the race to use AI to find network vulnerabilities has already begun. The reason is that AI helps hackers boost the speed, scale, and sophistication of their attacks. There are probably many more AI-linked zero-day attacks that have not yet been caught.
















