NYTimes reports hackers used AI in an attempted attack on Google

In short: Reports are rising about hackers using AI to move faster, but clear public proof that AI is finding brand new, unknown bugs during real attacks is still rare.

What's going on

A New York Times report says Google spotted an attempted attack where hackers used artificial intelligence as part of their work. The report describes this as the first time the company identified hackers using AI to discover an unknown bug. An unknown bug is a hidden software flaw that the maker did not know about yet, like a secret gap in a locked door.

Outside of that claim, most widely reported examples of “AI hacking” so far focus on speed, not brand new discovery. In early 2026, one reported incident involved attackers using a custom large language model, which is a text generating AI system, to run parts of an attack more automatically across thousands of targets. Public reporting did not show the attackers finding new unknown bugs, instead it pointed to scanning for and using already known weaknesses more quickly.

At the same time, defensive teams are also using AI to find bugs faster. For example, reporting in 2025 and 2026 described Anthropic’s Mythos system finding thousands of previously unknown vulnerabilities in weeks across common operating systems and browsers. It was not released publicly, and access was limited to large tech companies so they could fix problems.

What to watch

The big risk is that AI can shrink the time between a bug being revealed and attackers trying it, sometimes down to hours. If more credible reports confirm AI is also helping attackers find truly unknown bugs in the wild, security teams may need to rely more on automated defenses and faster patching, which is the process of fixing software holes.

Source: NYTimes