AI-powered hacking has exploded into industrial-scale threat, Google says

In just three months, AI-powered hacking has gone from a nascent problem to an industrial-scale threat, according to a report from Google . The findings from Google’s threat intelligence group add to an intensifying, global discussion about how the newest AI models are extremely adept at coding – and becoming extremely powerful tools for exploiting vulnerabilities in a broad array of software systems. It finds that criminal groups, as well as state-linked actors from China, North Korea and Russia, appear to be widely using commercial models – including Gemini, Claude and tools from OpenAI – to refine and scale up attacks. “There’s a misconception that the AI vulnerability race is imminent. The reality is that it’s already begun,” said John Hultquist, the group’s chief analyst. “Threat actors are using AI to boost the speed, scale, and sophistication of their attacks. It enables them to test their operations, persist against targets, build better malware and make many other improvements.” Last month, the AI company Anthropic declined to release one of its newest models, Mythos , after asserting that it had extremely powerful capabilities and posed a threat to governments, financial institutions and the world generally if it fell into the wrong hands. Specifically, Anthropic said Mythos had found zero-day vulnerabilities in “every major operating system and every major web browser” – the term for a flaw in a product previously unknown to its developers. …