When Google Intelligence actually said that they intercepted a planned mass vulnerability, an exploitation operation that is built around everyday exploits, they appear to have been deployed with the help of an AI model. The news didn't actually go viral in every place, but some AI enthusiasts and some people who are very good in server security have started to look into the issue. The bug was in the popular open-source web-based system.
And the exploit lived in a Python script that automated the 2FA bypass for this tool to actually happen. How did Google get to know that AI was involved? Google is not guessing about the AI angle. They have seen the pattern and the fingerprint of AI codes in it.
And it started with an hallucinated CVSA score and their likes. They structured Facebook and formatting the code and accompanying comments. They look like they've been written to satisfy a documentation rubric.
So it's something that has been done several times over. Then Google researchers described this incident as the first known case of AI being used to do something more crazier than what AI would have been taught to do in the wrong way in previous times. There is actually a forthcoming coding language that is coming, which is Mythos.
But this has to be suspended just because of this issue. In parallel, there is a myth of Flood, Opus 4.7, as a more general-purpose model with stricter safeguards around prohibiting and enabling cybersecurity applications. The bigger shift here is that AI is both a lockpick and a locksmith.
So an AI can safeguard a program. AI can also become that key to unlocking any program that we ever thought of. Governments are now discussing the Mythos class system as a similar cyber model in the context of regulation, alongside other frontier AI models used for code and security.
So what should we actually take away? AI hackers are already here. There's nothing we can do about it. And it's not just a punchline.
It's a direct fruit of what we are seeing here. There are now real criminals that are using AI to help find and package every day into operational exploits against widely-used software. And that is becoming more these days.
And if this penetration can go through, it means that most of the programs and the platforms that we thought are secured, we can actually penetrate them through an AI model. And there is nobody that is going to be exempted. Thank you.