Google says criminal hackers used AI to find a major software flaw
Scope of the incident
- Commenters note the exploited bug was in a popular open‑source, web‑based admin tool, not core Google software.
- Google’s own blog is linked as the primary technical source; it says Google worked with the vendor for responsible disclosure.
Did attackers really use AI?
- Google’s threat report cites “high confidence” an AI model was used, based on exploit code characteristics: verbose educational docstrings, a hallucinated CVSS score, and very “textbook” Python structure typical of LLM output.
- Several participants argue this only shows an AI likely wrote the exploit script (“weaponization”), not that AI discovered the underlying vulnerability.
- Others say that in 2026 it’s reasonable to assume serious attackers use AI for discovery as well, but acknowledge it’s not provable from code alone.
Media coverage and marketing skepticism
- Some see the article as uncritically amplifying vendor marketing (e.g., claims of “thousands of zero‑days” from specialized models like Mythos).
- Others push back, arguing that reporters covering cyber/AI typically have deep domain experience; critics counter that this can still produce stenography if claims aren’t clearly labeled as unverified.
- There is concern that fear‑based narratives (“too powerful to release”) serve both corporate and regulatory agendas.
Offense vs. defense with AI
- Many note it’s unsurprising that black‑hat hackers use LLMs; “everyone” uses them for coding already.
- Discussion asks whether “good guy AI” can patch faster than “bad guy AI” finds exploits; consensus is that human processes—validation, coordination, deployment—remain the bottleneck.
- Question raised: do AI‑generated patches introduce more flaws than they fix?
Regulation, access, and local models
- Some expect “security” will be used as justification to restrict powerful models, particularly open‑weight or foreign (e.g., potential bans on Chinese models or entity‑list tactics).
- Others argue such controls are hard to enforce globally and would mainly benefit large U.S. vendors.
- Concerns about KYC/ID requirements for access to “cyber” variants of models; calls for strong local models to avoid surveillance, tempered by current hardware and capability limits.
Broader worries about software and AI
- Several blame AI‑assisted development for an apparent rise in low‑quality, buggy software.
- Others see AI‑driven exploit discovery as exposing already‑fragile security foundations (ambient authority, supply‑chain weak points) rather than creating new categories of risk.