# Google 称在 AI 被用于发现零日漏洞后阻止了一场大规模网络攻击

- 来源：The Decoder：AI News（RSS）
- 作者：Matthias Bastian
- 发布时间：2026-05-13 02:17
- AIHOT 分数：60
- AIHOT 链接：https://aihot.virxact.com/items/cmp2z8au201vcsl1qb02xuowz
- 原文链接：https://the-decoder.com/google-says-it-stopped-a-mass-cyberattack-after-ai-was-used-to-discover-a-zero-day-exploit

## AI 摘要

Google 威胁情报小组发现了首个已知案例，攻击者利用 AI 发现并武器化了一个零日漏洞。Google 表示已阻止了这场计划中的大规模攻击。来自中国、朝鲜和俄罗斯的国家支持行为体也在使用 AI 来寻找漏洞并伪装恶意软件代码。这标志着 AI 在网络攻击中的角色从辅助工具升级为主动发现关键漏洞的武器。

## 正文

Google says it stopped a mass cyberattack after AI was used to discover a zero-day exploit

A new report from Google's Threat Intelligence Group (GTIG) details how attackers are using AI at scale for cyberattacks. For the first time, GTIG identified a threat actor who reportedly used AI to discover and weaponize a zero-day vulnerability. Google says it stopped the planned mass attack.

State-backed actors from China and North Korea are also using AI to hunt for vulnerabilities. The report highlights the GitHub project "wooyun-legacy," a Claude plugin with over 85,000 real vulnerability cases from the Chinese platform WooYun, built to help AI models analyze code more effectively. Russia-linked groups are embedding AI-generated obfuscation code in malware: the Android malware PROMPTSPY, for example, uses the Gemini API to control devices autonomously. Criminal groups like "TeamPCP" are also targeting AI supply chains, going after popular open-source packages, Google says.

Google has developed its own AI-based countermeasures, among them Big Sleep and CodeMender. The full report is available here.

AI News Without the Hype – Curated by Humans
