Info Gov

Cybercriminals have for the first time weaponised artificial intelligence to discover and exploit an unknown software vulnerability, Google's Threat Intelligence Group has said.

The company revealed that hackers used AI to identify a so-called "zero-day" flaw (a previously unknown software bug requiring urgent action) and leveraged it to bypass two-factor authentication (2FA) on a widely used platform. The attack was intercepted before it could cause widespread harm, but Google warned that the incident signals a dangerous new era in cybercrime.

Two-factor authentication, which requires users to verify their identity through a second method such as a text message code or an app like Google Authenticator, has long been considered one of the most reliable defences against unauthorised account access.  Google declined to name the affected software or vendor, but confirmed the vulnerability has since been patched.

John Hultquist, chief analyst at Google Threat Intelligence Group, said: "We believe this is the tip of the iceberg. If criminals are doing it, then state actors with significant resources probably are too."

Google's broader AI threat tracker report found that hackers are now using AI to industrialise cyberattacks, from hunting for software flaws and writing malicious code to automating attacks that can run around the clock without human intervention. Google does not believe the criminals involved used cutting-edge AI systems such as its own Gemini or Anthropic's recently unveiled Mythos model, but rather an older AI system, suggesting even legacy AI tools now pose a significant threat.

In April, AI provider Anthropic restricted access to its latest model, Mythosrestricted access to its latest model, Mythos, claiming that its advanced capabilities in software analysis and vulnerability discovery coud be subject to misuse by hackers and systemic cyber risk.

Also in this section

Jul 16, 2026

Scattered Spider pair jailed over TfL hack

Two members of the Scattered Spider hacking collective have each been jailed for five and a half years at Woolwich Crown Court on 16 July over a 2024 cyber attack on Transport for London that compromised the personal data of millions of customers and cost the transport authority £39 million.
Jul 15, 2026

Government introduces mandatory data breach reporting protocol

The Cabinet Office has published a Model Action Plan setting out a single cross-government framework that all departments and arms-length bodies must follow when responding to significant personal data breaches, introducing mandatory central reporting of such incidents for the first time.
Jun 29, 2026

"Five eyes" warn on accelerating cyber security threat from AI

The National Cyber Security has called on organisational leaders to treat cyber resilience as a core business and governance responsibility rather than a technical matter in the light of a report by the Five Eyes intelligence alliance on the "fundamental" impact of AI on the speed and scale of cyber threats.
Jun 15, 2026

Government AI hackathons uncover 407 vulnerabilities across nine departments, including critical remote code execution flaw

A pilot programme using frontier AI models to scan public-sector code repositories has identified 407 security findings across nine government organisations, including a critical vulnerability that could have allowed an external attacker to execute arbitrary code on a key digital service, the Department for Science, Innovation and Technology (DSIT) and the National Cyber Security Centre (NCSC)…

InfoGov Masthead Newsletter 800