Google Finds AI‑Crafted Zero‑Day 2FA Bypass

SkimNews Take
AI's capacity to accelerate the discovery and exploitation of zero-day vulnerabilities, even for complex tasks like 2FA bypass, suggests a future where the speed of attack development outpaces traditional defense cycles.
Get the Tech newsletter
Daily tech — startups, AI labs, chips, the launches that shape the next decade. Free.
- Google disclosed a zero‑day 2FA bypass likely generated by an AI model, used by threat actors to target a popular open‑source system administration tool.
- Google Threat Intelligence Group identified the exploit as a Python script with LLM‑style code (docstrings, hallucinated CVSS score) and coordinated a responsible disclosure and patch with the vendor.
- Ryan Dewhurst of watchTowr warned that AI is compressing vulnerability discovery timelines, giving attackers faster weaponization paths.
- PromptSpy Android malware abuses Google’s Gemini to analyze screen content and autonomously manipulate the UI, showing broader AI‑driven attack capabilities.
- Gemini itself was not used in the exploit, but its misuse in PromptSpy highlights the risk of AI tools being repurposed for malicious automation.
Why it matters: Security teams now face AI‑generated exploits that cut discovery and weaponization time, while attackers gain a faster route to breach accounts, raising stakes for users of the vulnerable tool.

