Overview
- Google's Threat Intelligence Group reported what it judges to be the first AI-assisted zero-day and said it was halted before broad use.
- The attack focused on an unnamed open-source web management tool with the goal of bypassing two-factor authentication, which adds a second check to confirm a user's login.
- Analysts flagged AI fingerprints in the Python exploit, including tutorial-style docstrings, a likely invented CVSS risk score, and coding patterns that resemble large language model output.
- Google said it alerted the project's maintainers and that a quick response broke the attack chain, which contained the immediate risk.
- GTIG said the flaw fits a category where AI excels—business-logic issues in authentication flows—so it urges faster scanning and patching as both hackers and researchers use these tools.