Google says it has identified the first zero-day exploit it believes was developed with artificial intelligence, including a Python script used to bypass two-factor authentication on an open source web-based system administration tool. The report also highlights AI-driven vulnerability research and exploit development by Chinese and North Korean threat actors, including UNC2814 and APT45. #UNC2814 #APT45 #Gemini #GTIG #Mandiant #TPLink
Keypoints
- Google identified a zero-day exploit it believes was developed using AI.
- The exploit was designed to bypass 2FA on an open source administration tool.
- Google worked with the impacted vendor to prevent mass exploitation.
- Chinese and North Korean threat actors are using AI for vulnerability discovery and exploit validation.
- UNC2814 and APT45 were observed using AI-assisted techniques in targeted operations.
Read More: https://www.securityweek.com/google-detects-first-ai-generated-zero-day-exploit/