Google's threat intelligence team just confirmed what cybersecurity experts have been dreading: hackers are now using AI to discover and exploit zero-day vulnerabilities in the wild.
This isn't a theoretical threat anymore. It's happening.
According to John Hultquist, chief analyst at Google's threat intelligence arm, the company recently disrupted an attack where adversaries used AI to identify an unknown weakness in a target's systems and exploit it before defenders even knew the vulnerability existed.
"It's here," Hultquist said in a statement. "The era of AI-driven vulnerability discovery and exploitation is already here."
What's a Zero-Day Vulnerability?
For the non-technical: A zero-day is a security flaw that the software maker doesn't know about. The name comes from the fact that developers have had "zero days" to fix it by the time attackers discover it.
Zero-days are the nuclear weapons of cybersecurity. They're incredibly valuable because there's no patch, no signature that antivirus can detect, no way to defend against them except pure luck or extremely sophisticated behavioral detection.
Finding zero-days traditionally required highly skilled security researchers spending weeks or months analyzing code. The best ones could command six or seven figures on the gray market.
Now AI can potentially do that work in hours or days.
How AI Changes the Game
AI models can analyze massive codebases far faster than humans. They can spot patterns that indicate potential vulnerabilities—things like incorrect memory handling, race conditions, or logic flaws that a human might miss.
More concerning: AI can automate the entire exploitation pipeline. It can discover the vulnerability, write an exploit, test it against different configurations, and even generate phishing lures or social engineering attacks to deliver the payload.
What used to require a team of elite hackers can now potentially be done by a competent developer with access to the right AI tools.
