Alphabet has warned that cybercriminals are increasingly using artificial intelligence to identify software vulnerabilities and develop exploits, marking a major shift in how hacking operations are being conducted.
In a new report, Google’s Threat Intelligence Group said hackers linked to a prominent cybercrime network used AI tools to discover a previously unknown software flaw and attempt to exploit it before the activity was detected and blocked, News.Az reports, citing Reuters.
The targeted system was a widely used open-source administrative tool, and according to the company, the planned attack was stopped before it could escalate into a large-scale “mass exploitation” event.
Security researchers said this represents the first known case in which attackers have used AI to independently identify a new vulnerability and attempt to weaponize it at scale.
Google cybersecurity experts warned that this development likely signals only the beginning of a broader trend, with both criminal groups and state-backed hackers rapidly integrating AI into their operations.
The report highlights a growing shift toward semi-autonomous cyberattacks, where artificial intelligence is not only used for research but also for generating code, scanning systems for weaknesses, and assisting in malware development with reduced human involvement.
Experts say this evolution could significantly lower the technical barrier for launching sophisticated cyberattacks, allowing less skilled actors to carry out more complex operations.
The findings come amid increasing global concern about the security risks posed by advanced AI systems, particularly as governments and regulators struggle to keep pace with rapidly evolving technology.
Google also noted that hacking groups linked to countries including China, Russia, and North Korea are already experimenting with AI tools in cyber operations, although these techniques are still in early stages of development.
Cybersecurity analysts warn that as AI capabilities improve, the speed, scale, and complexity of cyberattacks could increase dramatically, raising new challenges for governments, businesses, and critical infrastructure providers worldwide.