Zero-Day AI — When Hackers Found Their New Favorite Tool

Google's Threat Intelligence Group (TIG) just confirmed something the security community has been bracing for: AI-generated zero-days are real, and they're already being weaponized.

In what TIG is calling "the tip of the iceberg," Google's security analysts reported the first known case of hackers using AI not just to accelerate exploit discovery — but to actively develop and deploy zero-day vulnerabilities in the wild. The group managed to thwart a mass exploitation event, but the writing on the wall is clear.

Here's the kicker: according to the report, threat actors are using AI coding agents — tools like OpenClaw — to autonomously sift through vulnerability research, generate exploit candidates, and adapt them for evasion. This isn't theoretical anymore. It's operational.

What this means

• The barrier to entry for sophisticated exploits just dropped dramatically
• Defensive teams need to think about AI-driven threats, not just AI-powered defense
• The cat-and-mouse game just got faster — and the mouse just got smarter

This is the early innings. Expect more incident reports like this in the coming months. The question isn't whether your organization is a target — it's whether your defensive stack can keep pace with AI-augmented attackers.

Geodude is probably already reading this one with interest.