Google Confirms Hackers Leveraged AI to Create Zero‑Day Exploit Bypassing Two‑Factor Authentication
Google’s Threat Analysis Group (TAG) announced on Monday, May 11, 2026, that a sophisticated cyber‑crime operation used a custom artificial‑intelligence model to discover a previously unknown vulnerability that allowed attackers to bypass two‑factor authentication (2FA) mechanisms on popular web services. The zero‑day exploit was first observed in the wild targeting a major online retail platform.
The discovery underscores a growing trend where adversaries employ generative AI to automate vulnerability research, a capability once limited to well‑funded nation‑state actors. Google’s internal report, shared with partners in the cybersecurity community, detailed how the AI model generated millions of code permutations, identifying a logic flaw in the authentication flow that could be triggered without user interaction.
According to Google’s senior security engineer, Priya Desai, the AI‑driven technique reduced the typical 8‑ to 12‑week vulnerability discovery cycle to under 48 hours. Reuters cited the TAG’s statement that the exploit was responsibly disclosed to the affected vendor within 24 hours of detection, prompting a patch rollout the same day. However, the group warned that similar AI‑powered tools are likely already in circulation among underground forums.
Cybersecurity experts caution that the weaponization of AI could dramatically increase the volume of zero‑day attacks. “We are entering an era where the cost of developing a critical exploit drops dramatically,” said Dr. Michael Lee, director of the Center for Cyber‑Threat Intelligence. Investment firms are now reassessing the risk premiums on crypto assets tied to DeFi protocols that rely heavily on 2FA for wallet security.
Google plans to publish a detailed technical paper on the methodology at the Black Hat conference in August 2026, and is collaborating with industry groups to develop shared AI‑safety standards. Security teams across the sector are advised to adopt multi‑layered authentication, including biometric factors and hardware security keys, to mitigate the emerging AI‑enhanced threat landscape.