
Google’s threat intelligence team reported the first known instance of cybercriminals using AI to find and weaponize a zero-day in a popular Python script, noting collaboration among organized crime groups. The finding, together with accidental or deliberate public disclosures, shows how quickly flaws can be weaponized, including with AI assistance. Microsoft’s threat to involve law enforcement against a researcher who published exploits illustrates added tensions that could hinder cooperation between vendors and independent finders just as faster, AI-driven exploit development raises the stakes for coordinated patching and disclosure.
Click a connection line between nodes to view confidence and evidence.