Google: AI-generated exploit bypassed 2FA in open-source tool

Google’s threat team found attackers used a large language model to create exploit code that bypassed two-factor authentication in a popular open-source login tool.

Google’s threat intelligence team reported that it identified what it believes is the first documented instance of attackers using a large language model to generate exploit code for a zero-day vulnerability that bypassed two-factor authentication in a widely used open-source login tool. The flaw was located in a Python script, and a patch was deployed after Google coordinated with the vendor and before any confirmed damage.

Researchers found the exploit code contained features they linked to AI-generated output, including unusually long inline comments and coding patterns the team associates with large language models. According to Google, attackers first identified a flaw that could circumvent 2FA protections and then used an AI model to produce working exploit code.

Google noted that zero-day vulnerabilities are defects unknown to the software maker and are typically harder and more time-consuming to find. The company’s analysis states that large language models can speed up discovery and reduce the technical barrier to creating working exploits. Google added that state-sponsored groups in some countries are already using AI tools to scale vulnerability research.

The report described risks for services that rely on open-source authentication components. Two-factor authentication is used across cryptocurrency exchanges, decentralized finance platforms, custodial wallets and other crypto services. Many of those services depend on open-source libraries for login flows, admin interfaces and API gateways, which could provide indirect paths to accounts or administrative controls if a vulnerability is discovered.

Google pointed out that decentralized finance projects often focus security audits on smart contracts while giving less attention to surrounding infrastructure. A compromised admin panel or authentication library could allow an attacker to trigger transactions or change critical settings even when on-chain code has been audited. The company urged teams that depend on open-source authentication tools to review their dependencies and apply available patches.

Google’s report said the patched vulnerability did not lead to confirmed theft or operational damage in this instance and warned that future AI-assisted zero-days might be exploited before discovery or disclosure. The researchers recommended layered defenses, monitoring for unusual login activity and rapid patching practices for affected systems.
