Google's Mandiant M-Trends 2026 report documents the first confirmed AI-generated zero-day exploit blocked in production, adversaries achieving exploitation seven days before patches ship, and industrial-scale LLM use in offensive operations.
Google's Mandiant M-Trends 2026 report documents the first confirmed AI-generated zero-day exploit blocked in production, adversaries achieving exploitation seven days before patches ship, and industrial-scale LLM use in offensive operations.
Google DeepMind published a 35-page AI Control Roadmap on June 18 that openly frames its own AI agents as potential insider threats, deploying structural containment controls rather than relying on alignment training alone.
Google's Threat Intelligence Group has confirmed the first known case of a nation-state actor using AI to generate a working zero-day exploit used in an active campaign. APT45 — a North Korean state-sponsored group — automated the discovery and validation of a 2FA bypass using thousands of recursive prompts. The exploit code contained forensic markers of AI generation.
SafeBreach Labs documented a prompt injection attack hiding malicious commands inside WhatsApp, Slack, or SMS notifications. Gemini treats hostile text as trusted. Patched Nov 2025.