Google’s Threat Intelligence Group has confirmed the first publicly documented AI-assisted zero-day exploit targeting an open-source web administration tool, signalling a new phase in AI-driven vulnerability discovery and software supply-chain risk.
Google’s Threat Intelligence Group (GTIG) has disclosed the first publicly confirmed AI-assisted zero-day exploit, involving a Python-based 2FA bypass in a widely used open-source web administration tool. Google coordinated disclosure and patching before large-scale exploitation campaigns began.
The vulnerability was identified as a high-level semantic logic flaw involving hardcoded trust assumptions that contradicted the application’s own two-factor authentication enforcement logic. According to GTIG researchers, frontier large language models “have an increasing ability to perform contextual reasoning, effectively reading the developer’s intent.”
The disclosure is significant because such logic flaws are difficult for fuzzers, static analysis tools, and traditional automated scanners to detect. The report suggests AI could remove the long-standing bottleneck of limited human vulnerability researchers, enabling scalable discovery of exploitable flaws across widely deployed open-source software.
Help Net Security noted the exploit exposed textbook LLM fingerprints, including a hallucinated CVSS score, educational docstrings, detailed help menus, and clean ANSI colour classes. Researchers warned future AI-generated exploits may omit such artefacts, making attribution and detection far harder.
John Hultquist warned, “for every zero-day we can trace back to AI, there are probably many more out there.”
The report also highlighted growing open-source AI supply-chain risks after threat group UNC6780 compromised GitHub repositories, including LiteLLM, to steal AWS keys and GitHub tokens from build environments.
