AI helps hackers find flaws no scanner can catch, Google warns

Artificial intelligence has made it easier to write emails, generate spreadsheets and plan holidays, as the widespread popularity of the various AI models can attest.

It has also, according to a recent Google report, made it considerably easier to figure out previously unmapped or impossible-to-predict gaps in the software of our systems.

Google's Threat Intelligence Group said it had for the first time caught hackers using AI to discover and exploit a so-called zero-day vulnerability, or a security flaw the software's developer does not yet know exists and for which no fix is available.

The target was a popular web-based system administration tool and the flaw allowed attackers to bypass two-factor authentication, that second layer of security most people believe keeps their accounts safe.

Google said it spotted the attack before it could be deployed at scale and quietly alerted the software vendor.