Google GTIG: AI Used to Find and Weaponize Zero‑Day, Planned Mass Attack Stopped

Google’s Threat Intelligence Group (GTIG) says it identified the first known instance of an attacker using artificial intelligence to both locate and weaponize a zero‑day vulnerability, and that Google intervened to halt a planned mass attack tied to that campaign. GTIG says frontier large language models are proving especially effective as general‑purpose tools for vulnerability discovery and exploitation, a trend that accelerates the pace and scale of attacks.

GTIG points to a GitHub project called "wooyun — legacy," a Claude plugin containing more than 85,000 real vulnerability cases originally sourced from the Chinese platform WooYun, as a concrete example of how public datasets can turbocharge AI triage and exploitation workflows. The group warns that such curated collections enable models to analyze code and suggest exploit paths far faster than human researchers alone.

The report traces AI use across multiple actor types. State‑backed groups from China and North Korea are reportedly using AI to hunt for vulnerabilities, while Russia‑linked groups are incorporating AI‑generated obfuscation into malware to frustrate detection. GTIG also highlights criminal actors, naming "TeamPCP" as a group targeting AI supply chains and popular open‑source packages, and cites the Android malware PROMPTSPY as an example that uses the Gemini API to carry out autonomous device control.

On defense, Google says it developed AI‑based countermeasures — named Big Sleep and CodeMender — alongside traditional monitoring and blocking, and that those tools were used to detect and stop the planned mass attack. GTIG describes these measures as part of an evolving toolkit that pairs automated detection and remediation with human incident response to keep pace with AI‑augmented adversaries.

GTIG warns the practical consequences are clear for builders and security teams: expect faster, AI‑driven vulnerability discovery, increased abuse of public code datasets, and more obfuscated malware that uses AI‑generated code. The group recommends reviewing dependencies and supply‑chain hygiene, improving runtime and telemetry coverage, and consulting the full GTIG report for technical indicators and mitigation guidance.