{"id":212044,"date":"2026-05-11T09:00:00","date_gmt":"2026-05-11T13:00:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/11\/google-says-criminal-hackers-used-a-i-to-find-a-major-software-flaw\/"},"modified":"2026-05-11T10:50:09","modified_gmt":"2026-05-11T14:50:09","slug":"google-says-criminal-hackers-used-a-i-to-find-a-major-software-flaw","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/11\/google-says-criminal-hackers-used-a-i-to-find-a-major-software-flaw\/","title":{"rendered":"Google Says Criminal Hackers Used A.I. to Find a Major Software Flaw"},"content":{"rendered":"<p><a href=\"https:\/\/www.nytimes.com\/2026\/05\/11\/us\/politics\/google-hackers-attack-ai.html\">Google Says Criminal Hackers Used A.I. to Find a Major Software Flaw<\/a><\/p>\n<p><a href=\"https:\/\/www.nytimes.com\/2026\/05\/11\/us\/politics\/google-hackers-attack-ai.html\">https:\/\/www.nytimes.com\/2026\/05\/11\/us\/politics\/google-hackers-attack-ai.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-11 09:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.nytimes.com\">www.nytimes.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. A criminal hacking group recently attempted to launch a widespread cyberattack that appeared to rely on artificial intelligence to detect a previously unknown bug, Google said in research published Monday, highlighting the potential threat that A.I. poses to digital security.Security experts have feared for years that malicious hackers could eventually rely on A.I. models to identify undisclosed flaws in computer code to launch crippling attacks that are difficult to guard against. That fear was largely theoretical until now.\u201cWe have high confidence that the actor likely leveraged an A.I. model to support the discovery and weaponization of this vulnerability,\u201d the report said.The tech giant did not say precisely when the thwarted attack happened, whom it was targeting or which A.I. platform the hackers used, but the company added that it did not believe it was its own Gemini chatbot.Google\u2019s research arrives as the technology industry and governments, including the Trump administration, re-evaluate how, and whether, to police advanced versions of A.I., in large part because of growing concerns over what they mean for cybersecurity.Flaws like the one identified by Google and the hacking group are known as \u201czero-day vulnerabilities\u201d \u2014 security holes that are unknown to the software makers. They were once considered so rare and powerful that they could fetch millions of dollars on black markets used to sell hacking tools.But new A.I. models like Anthropic\u2019s Mythos, which was announced last month, appear to be so good at finding such holes that Anthropic shared it only with a limited number of firms and government agencies in the United States and Britain. When Mythos was announced, Anthropic said it had identified thousands of zero-day vulnerabilities \u201cin every major operating system and every major web browser,\u201d including many that were decades old.A.I. models are rapidly upending cybersecurity. Late last year, Anthropic said that state-sponsored Chinese hackers had used its technology in an effort to infiltrate the computer systems of about 30 companies and government agencies around the world. It was the first reported case of a cyberattack in which A.I. had gathered sensitive information with limited help from human operators.The zero-day flaw was detected by the Google Threat Intelligence Group within the past few months and was exploited by \u201cprominent cybercrime threat actors\u201d in a script of the Python programming language. It would have allowed the hackers to bypass two-factor authentication on \u201ca popular open-source, web-based system administration tool,\u201d though the hackers also would have needed access to valid credentials like user names and passwords to be successful, the company said.Google declined to identify the administration tool but said it notified the software maker quickly enough to allow for a patch before the attack could do damage. It also declined to identify the hackers.Updated\u00a0May 11, 2026, 10:33 a.m. ETGoogle and independent security researchers said the attempted attack was the first known example of a zero-day bug being put to malicious use by hackers enabled chiefly by A.I.\u201cIt\u2019s a taste of what\u2019s to come,\u201d John Hultquist, the chief analyst at Google Threat Intelligence Group, said in an interview. \u201cWe believe this is the tip of the iceberg. This problem is probably much bigger; this is just the first tangible evidence that we can see.\u201dRob Joyce, the former cybersecurity director of the National Security Agency, said that it can be difficult to know whether a human or machine wrote computer code, adding that, \u201cA.I.-authored code does not announce itself.\u201dBut Google\u2019s clues linking the hack to A.I. \u2014 which included excessive explainer text and other curiosities that human coders would have no reason to include \u2014 appeared compelling, said Mr. Joyce, who reviewed the findings ahead of their public release. \u201cIt is the closest thing yet to a fingerprint at the crime scene,\u201d he said.Mr. Hultquist said that Google possessed other indicators that bolstered its conclusion that the hacking code was written by A.I., but he declined to discuss them.The zero-day flaw announced by Google could bolster international calls for controlled releases of the latest A.I. models so specialists can patch problems first. The Trump administration has been assessing ideas that could include a formal government review process for new models, The New York Times reported last week.Some experts believe A.I. will ultimately strengthen cybersecurity in the long run by allowing the production of flawless software code. But in the short term, they say, governments and companies need to work together to limit the damage models can do to the current internet, which was crafted by imperfect human hands.\u201cThe bleeding-edge models will allow us to build the safest code we\u2019ve ever built,\u201d Mr. Hultquist said. \u201cThat is an absolute win for cybersecurity. The challenge is that we have just begun that process, and we have to contend with a world of code that is already out there.\u201d<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google Says Criminal Hackers Used A.I. to Find a Major Software Flaw https:\/\/www.nytimes.com\/2026\/05\/11\/us\/politics\/google-hackers-attack-ai.html Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":212045,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/static01.nyt.com\/images\/2026\/05\/11\/multimedia\/11dc-cyber2-fqhz\/11dc-cyber2-fqhz-facebookJumbo.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,24,27],"class_list":["post-212044","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212044"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=212044"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212044\/revisions"}],"predecessor-version":[{"id":212046,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212044\/revisions\/212046"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/212045"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=212044"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=212044"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=212044"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}