Google Threat Intelligence Group says a zero-day exploit against an unnamed open-source web administration tool was likely created with AI to bypass two-factor authentication, and the attack was stopped before mass exploitation. The report also links AI use to other threat activity involving APT27, APT45, UNC2814, UNC5673, UNC6201, CANFAIL, LONGSTREAM, Overload, and PromptSpy.
Key points
- GTIG says an AI model likely generated a zero-day exploit.
- The exploit could bypass 2FA in an unnamed open-source admin tool.
- Google judged the Python code structure as highly characteristic of LLM output.
- AI appears better suited to finding the semantic logic bug behind the flaw.
- Google also linked AI use to APT27, APT45, CANFAIL, LONGSTREAM, Overload, and PromptSpy.