Seoul, May 13: Alphabet-owned Google has warned that state-sponsored hackers from North Korea and China are showing “significant interest” in using artificial intelligence (AI) to identify previously unknown cybersecurity vulnerabilities.
In a report released on Tuesday, Google’s Threat Intelligence Group said multiple hacking clusters linked to China (PRC) and North Korea (DPRK) have begun adopting advanced AI-driven techniques for vulnerability discovery and cyber exploitation.
The report highlighted that North Korea-linked hacking group APT45 has attempted to use AI systems to generate thousands of repetitive prompts, enabling automated analysis of potential security weaknesses across digital systems.
These AI-assisted methods, Google noted, allow attackers to recursively scan for cybersecurity blind spots that could later be exploited at scale.
For the first time, Google also reported detecting attackers using AI to identify a zero-day vulnerability—an exploit unknown to software developers and security teams—and attempting to use it for mass exploitation before it could be patched.
In a countermeasure, Google said its systems successfully used AI tools to identify and block malicious activity linked to criminal groups attempting similar attacks.
The development underscores growing concerns about the weaponisation of artificial intelligence in cybersecurity, with both offensive and defensive applications rapidly evolving.
The report comes shortly after U.S.-based AI company Anthropic introduced “Claude Mythos,” a security-focused AI model designed to detect software vulnerabilities. The model has not been publicly released and is currently limited to select defence and research partners for controlled testing.
Meanwhile, broader geopolitical tensions and stalled diplomatic efforts between the United States and Iran continue to contribute to volatility in global markets, including in South Korea.
