Computer Works Computer Works
Call
Cybersecurity

Google Catches the First AI-Built Cyberattack in History — Here's What It Means for You

For the first time ever, Google's threat researchers caught criminals using AI to build a working cyberattack — a zero-day exploit designed to bypass two-factor authentication at massive scale. Here's what happened, why it matters, and what small businesses and everyday users can do right now.

Google Catches the First AI-Built Cyberattack in History — Here's What It Means for You

Update note: Our earlier post explored how hackers were beginning to use AI to discover zero-day exploits in theory. This week, it stopped being theoretical. Google has now confirmed a real, in-the-wild case — the first time an AI-generated exploit has ever been caught being weaponized against real targets.

We've been warning for a while that AI is changing the cybersecurity landscape. But this past week, that warning crossed a significant line: for the first time in recorded history, researchers caught criminals actually using AI to build a working cyberattack.

The Verge reports that Google's Threat Intelligence Group (GTIG) identified and stopped a zero-day exploit that its researchers say was likely developed with the help of an AI system. The target? A popular open-source, web-based system administration tool used by countless businesses and developers. The goal? Bypassing two-factor authentication (2FA) — one of the most widely trusted security measures people rely on every day.

How Researchers Knew AI Was Involved

One of the most striking parts of this story is how Google figured out that AI wrote the exploit. The attack was delivered as a Python script, and when researchers analyzed the code, it had all the telltale signs of something generated by a large language model (LLM).

According to The Hacker News, the script contained "an abundance of educational docstrings" — those neatly formatted explanatory comments that LLMs love to include — along with a hallucinated CVSS score (a fake severity rating that an AI fabricated and inserted as if it were real), and a clean, textbook-style structure "highly characteristic of LLMs training data." In other words, the code looked less like something a seasoned hacker wrote in a dark corner of the internet, and more like a homework assignment generated by ChatGPT.

GTIG clarified that they do not believe Google's own Gemini AI was used to create the exploit — but that some AI model almost certainly was.

What the Attack Was Actually Trying to Do

The vulnerability itself stemmed from what researchers described as a "high-level semantic logic flaw" — specifically, a case where a developer had hardcoded a trust assumption into a platform's 2FA system that essentially told the software to skip verification under certain conditions. It's exactly the kind of subtle, logic-layer bug that's easy for a human to miss but that AI models — trained on massive codebases — are increasingly good at spotting.

Help Net Security quotes John Hultquist, Chief Analyst at Google Threat Intelligence Group: "Cybercriminals do use zero-days, frequently in fast mass exploitation events, like the one this actor planned. Because cybercriminals have to alter their targets for extortion, using zero-days for a prolonged period is harder; therefore, their best option is rapid deployment."

Translation: the plan wasn't a slow, targeted attack on one company. It was a rapid, wide-net sweep — find the flaw, use AI to weaponize it fast, and hit as many victims as possible before anyone can patch.

Google worked with the affected vendor to responsibly disclose the flaw and get it fixed before the mass exploitation campaign could be launched.

AI Is Also Being Used to Make Malware Harder to Detect

The zero-day exploit wasn't the only alarming finding in GTIG's report. Russia-linked threat actors have deployed two malware families — CANFAIL and LONGSTREAM — that use AI-generated decoy code to camouflage their malicious functions. Help Net Security notes that CANFAIL actually contains LLM-authored comments explicitly labeling blocks of code as "unused filler" — code generated specifically to confuse security analysts. LONGSTREAM takes a different approach, embedding 32 separate instances of a functionally irrelevant system query just to make the script look harmless.

Meanwhile, an Android backdoor called PROMPTSPY takes AI integration even further. The malware connects to Google's Gemini API in real time, sending the device's live screen layout and receiving back precise tap coordinates — essentially letting the malware navigate your phone autonomously, without a human operator. It can also capture PINs and lock screen patterns and replay them later. And if you try to uninstall it? It renders an invisible overlay over the uninstall button so your tap does nothing.

What This Means for Small Businesses and Everyday Users

Here's the uncomfortable truth: AI is compressing the timeline between "flaw discovered" and "flaw exploited." Ryan Dewhurst of watchTowr put it bluntly in a statement to The Hacker News: "Discovery, weaponization, and exploitation are faster. We're not heading toward compressed timelines; we've been watching the timelines compress for years. There is no mercy from attackers, and defenders don't get to opt out."

For Yuba City small businesses and everyday users, a few concrete steps matter more than ever right now:

1. Two-factor authentication is still worth using — but don't treat it as a magic shield. This attack targeted 2FA, not because 2FA is bad, but because attackers know it's the last lock on the door. Keep using it, but pair it with other layers: strong unique passwords, up-to-date software, and smart browsing habits.

2. Patch everything. Immediately. The reason this attack was stopped was because Google caught it before patches were out. That window between "vulnerability disclosed" and "patch installed on your machine" is where you're most exposed. If your devices are prompting you to update — do it.

3. Watch for AI-enabled phishing and social engineering. GTIG's report also documented hackers using "persona-driven jailbreaking" to get AI tools to assist in reconnaissance and attack planning. That means phishing emails and scam messages are getting smarter and more personalized. If something feels off, trust that instinct.

4. Treat your admin tools as high-value targets. The tool targeted in this attack was a system administration tool — exactly the kind of software that runs quietly in the background and doesn't always get the security scrutiny it deserves. If you're running any web-based admin panels or management interfaces, make sure they're updated, access-controlled, and monitored.

5. AI supply chain attacks are real. The same GTIG report flagged a compromise of repositories tied to LiteLLM, a widely used AI gateway library — attackers embedded a credential stealer to harvest cloud API keys and GitHub tokens. If your business is starting to use AI tools and integrations (and many are), those integrations need to be treated with the same security scrutiny as any other third-party software.

The cybersecurity world just passed a milestone it can't walk back from. AI-assisted attacks are no longer a future concern — they're a present one, and the first confirmed case is already behind us.

If you're unsure whether your systems and devices are protected against fast-moving threats like these, our membership plan includes real-time vulnerability monitoring and safe browsing protection that adapts as the threat landscape shifts — we're here if you want to talk through your options.

Published May 2026 | Computer Works — Yuba City, CA

Recommended
Proton VPN
Proton VPN
Protect your browsing
Proton Mail
Proton Mail
Encrypted email
Related local service
Worried this could be malware?
If your computer has pop-ups, redirects, suspicious downloads, or ransomware warnings, start with our local virus removal page.
Call Us View virus removal
Tags
cybersecurity small-business-it vulnerability patch-management web-security
← Back to all posts