Google Says It Stopped Hackers Using AI to Exploit Zero-Day Vulnerabilities

Google’s Threat Intelligence Group said Monday that it stopped hackers from using AI to plan a mass vulnerability exploitation operation. According to the company, the hackers employed an AI model to locate and then exploit a zero-day vulnerability, which is a software flaw unknown to its developers.

Google reported that its proactive counter discovery may have prevented the operation from taking place. The company added that it does not believe its own Gemini model was used in the effort. The development confirms that threat actors are using AI and AI agents for multiple malicious purposes.

These include finding and exploiting vulnerabilities, creating obfuscation networks and decoy logic to evade detection, autonomously orchestrating attacks, and fabricating digital consensus using synthetic media.

Google’s report noted notable activity among actors associated with China and North Korea. The company stated that as organizations continue integrating large language models into production environments, the AI software ecosystem has emerged as a primary target for exploitation.

The findings align with earlier industry actions taken to limit potential misuse. In April, Anthropic delayed the rollout of its Mythos model due to concerns that it could be used to exploit software vulnerabilities before patches were available. The company has since released the model in a limited fashion to allow long-extant bugs to be addressed.

It is widely expected that AI will be used by threat actors to create disruption across digital systems. Google’s intervention provides a documented instance of such an effort being disrupted before execution.

Meta was sued by Santa Clara County, California, over allegations that the company knowingly facilitates and profits from billions of scam advertisements on its social networks, including Facebook and Instagram. The complaint states that the company tracks these ads while they defraud seniors and families.

According to a statement from the county counsel bringing the lawsuit, Meta makes approximately $7 billion in revenue each year from these kinds of ads. The suit seeks injunctive relief, civil penalties and restitution for money lost. A spokesperson for Meta did not immediately respond to a request for comment.

Santa Clara County houses much of Silicon Valley, and many of Meta’s employees live there. Meta’s headquarters are in neighboring San Mateo County. The company makes the vast majority of its revenue from advertisements and brought in over $200 billion in sales in 2025.

The lawsuit claims certain ads promote fraudulent financial products, cryptocurrency schemes, purported cures for incurable diseases, ineffective nutritional supplements, and impersonations of celebrities asking for monetary contributions.