Threat actors pursue scalable and obfuscated access to LLMs
The era of “theoretical” AI-driven cyber warfare has officially come to an end. In a report released by the Google Threat Intelligence Group (GTIG), researchers have documented a maturing transition from nascent AI experiments to the industrial-scale application of generative models within adversarial workflows.
The findings, derived from Mandiant incident response engagements and Google’s internal research, suggest that Artificial Intelligence has become both a “sophisticated engine for adversary operations and a high-value target for attacks”.
In perhaps the most significant revelation of the report, GTIG confirmed the first instance of an AI-built exploit discovered in the wild.
“For the first time, GTIG has identified a threat actor using a zero-day exploit that we believe was developed with AI,” the report states. The criminal actor behind the tool reportedly planned to use it in a mass exploitation event. However, Google’s proactive counter-discovery likely prevented a widespread catastrophe.
This development is not limited to criminal syndicates. State-sponsored threat actors associated with the People’s Republic of China (PRC) and the Democratic People’s Republic of Korea (DPRK) have also demonstrated “significant interest in capitalizing on AI for vulnerability discovery”.
Beyond just finding bugs, AI is fundamentally changing how malware is built and deployed. AI-driven coding has significantly accelerated the development cycles for infrastructure suites and polymorphic malware.
These AI-enabled cycles facilitate advanced defense evasion by allowing adversaries to:
- Create Obfuscation Networks: Designing complex layers that hide malicious intent from security scanners.
- Integrate Decoy Logic: Using AI to generate “decoy logic” that makes malicious code appear like benign software to automated analysis tools.
While the threat landscape is darkening, Google is doubling down on AI as a defensive shield. The report highlights the success of Big Sleep, an AI agent developed by Google DeepMind and Google Project Zero.
Big Sleep recently achieved a world-first by identifying a real-world security vulnerability that was imminently going to be used by threat actors. GTIG was able to “cut off” the threat before it could be weaponized.
Furthermore, Google is experimenting with “AI to not only find vulnerabilities, but also patch them”. A new experimental agent called CodeMender is currently being tested to use the advanced reasoning of Gemini models to automatically fix critical code vulnerabilities before they can be exploited.
As AI-driven threats scale to an industrial level, the report emphasizes that individual defense is no longer enough. “Working closely with industry partners is crucial to building stronger protections for all of our users,” the report concludes. Through initiatives like the Coalition for Secure AI (CoSAI), researchers and technology leaders are attempting to red team and refine defenses as quickly as the adversaries are evolving their offenses.