A stylized illustration of a cylindrical cup with blue arrows and lines indicating a swirling or rotational motion inside the cup.
Briefs
Finance
Free NewsletterPro Login

Google Just Caught Hackers Using AI To Break Two-Factor Login

Nate Gregory
Published May 12, 2026
Share:
Summary:
  • Google's Threat Intelligence Group said with "high confidence" an AI tool was used to find the flaw.
  • The hackers planned a "mass exploitation event" before Google's counter-discovery stopped it.
  • Groups tied to China and North Korea are showing strong interest in using AI to hunt software bugs.

The same AI writing your work emails is now being used to break into your accounts.

Google said it caught a hacker group using an AI tool to find a zero-day flaw. That's a software bug nobody knows about yet.

This one broke past two-factor login. The plan was a "mass exploitation event" before anyone caught on.

How They Pulled It Off

Google's Threat Intelligence Group, known as GTIG, said in a Monday report it had "high confidence" the hackers used an AI tool to spot the bug. The group then used the AI to write code to exploit it.

The result was a way around two-factor login. That's the second step that's supposed to keep accounts safe even if a password gets stolen.

Google didn't name the group. But it did say Gemini, its own AI model, was not used.

The hackers leaned on a third-party tool called OpenClaw. It's the kind of AI now widely available to anyone with a credit card.

We track the moves in cyber and AI that actually matter for investors in Market Briefs, every weekday morning. New subscribers also get a free investing masterclass.

The Bigger Pattern

This is the part the cyber industry has been bracing for.

In April, Anthropic delayed the rollout of its Mythos model. The firm warned that bad actors could use it to dig up old, unpatched software bugs at scale.

That move set off White House meetings with tech and business leaders.

Anthropic has since opened Mythos up to a small group of testers. The list includes Apple, CrowdStrike, Microsoft, and Palo Alto Networks - all names investors track in the cyber space.

Last week, OpenAI rolled out GPT-5.5-Cyber to a small group of vetted cyber teams. It's a hint at where defenders are headed too.

Google also flagged something worth watching. Hacker groups tied to China and North Korea are showing "significant interest" in using AI to find software flaws.

Why Investors Should Care

The cyber industry is already pouring billions into AI-powered defense. The story Google just told is the reason.

Every new AI-driven attack makes it easier for cyber firms to sell more software. CrowdStrike, Palo Alto Networks, and Microsoft sit at the front of that trade.

They're the firms building the AI tools defenders will use to fight back. They also sell to the same big names that would be hit hardest in a "mass exploitation event."

The big risk for investors isn't a single breach. It's the chance that a name they own gets caught flat-footed.

Some firms will spend big to keep up. Others will fall behind.

The gap between the two is the trade.

Worth Noting

For years, the arms race was one team finding bugs while the other patched them. AI just sped both sides up at once.

Google said it's seeing more of these cases, not fewer. The Monday report from GTIG was the first time it confirmed an AI tool was used to plan an attack at scale.

It probably won't be the last. Cyber teams across the world are still figuring out how to spot AI-driven attacks before they go wide.

The next "mass exploitation event" might not get caught in time.

If you want a daily read on stories like this delivered every morning, join 350,000+ investors reading Market Briefs. A 45-minute investing course comes with it as a bonus.

Disclosure

Get Market Briefs delivered to your inbox every morning for free!

No fluff. No noise. No politics. Just finance news you can read in 5 minutes.

Recent News

1 2 3 422

Blogs

May 5, 2026
How to Create Multiple Income Streams: A Beginner's Playbook
By Milena Thomas
  • Most people rely on a single income stream from their job - which is also the most heavily taxed.
  • Multiple income streams come from a mix of cash flow, dividends, side businesses, real estate, and royalties.
  • The fastest path for most beginners is starting with one extra stream - usually dividends or a side hustle - and stacking from there.
Read More
May 5, 2026
The 60/40 Portfolio Explained: A Beginner's Guide
By Nate Gregory
  • A 60/40 portfolio holds 60% in stocks and 40% in bonds (or other fixed income).
  • It's designed to balance growth from stocks with stability from bonds.
  • Your "right" mix depends on age, time horizon, income needs, and how well you sleep when markets drop.
Read More
May 5, 2026
How to Invest in Silver: A Beginner's Guide
By Jackson Moreland
  • Silver is both a precious metal and an industrial metal, used in solar panels, electronics, and medical tech.
  • Investors can buy silver four main ways: physical bars and coins, ETFs, mining stocks, or futures contracts.
  • Most beginners are best served by allocating a small slice of their portfolio to silver - usually between 1% and 3%.
Read More
May 1, 2026
Asset Allocation by Age: The Right Portfolio Mix at Every Stage of Life
By Andre Savage
  • Younger investors should hold mostly stocks because they have decades to recover from crashes and benefit from compounding.
  • Allocations gradually shift toward bonds and stable income as retirement approaches, but stocks remain important even past age 65 to outpace inflation.
  • Annual rebalancing is essential - it forces you to buy low and sell high while keeping your portfolio aligned with your actual life stage.
Read More
April 30, 2026
Stablecoin Explained: Why Some Cryptocurrencies Actually Aren't Volatile
By Jackson Moreland
  • Stablecoins are cryptocurrencies pegged to stable assets like the US dollar, giving crypto-style speed and access without the volatility of Bitcoin or Ethereum.
  • Fiat-backed stablecoins like USDC are the safest option, while algorithmic stablecoins have failed spectacularly and should generally be avoided.
  • Stablecoins fit a portfolio as cash reserves with better yields, a hedge against crypto volatility, and a fast, cheap rail for international transactions.
Read More
April 30, 2026
Buy Now, Pay Later Risks: Why This "Easy" Payment Method Is Dangerous to Your Wealth
By Nate Gregory
  • Buy now, pay later services like Klarna, Affirm, and Sezzle are debt products designed to feel harmless while keeping users in a cycle of overspending.
  • BNPL exploits psychological debt blindness, triggers late fees, and damages credit scores without helping users build positive credit history.
  • Building real wealth means waiting 30 days, paying upfront when you have the cash, and avoiding systems built to extract money from your future income.
Read More
April 30, 2026
Dividend Payout Ratio: The Secret Metric That Shows If a Stock Is Safe or Risky
By Jackson Moreland
  • Dividend payout ratio is total dividends paid divided by net income, showing the percentage of earnings a company returns to shareholders.
  • A 20-50% payout ratio is generally safe and sustainable, while ratios above 75% often signal a dividend cut is coming.
  • High dividend yields can be warning signs, not opportunities - safety and dividend growth matter more than the headline yield number.
Read More
April 30, 2026
Ethereum for Beginners: What It Is and Why Smart Investors Are Paying Attention
By Milena Thomas
  • Ethereum is a blockchain platform that runs smart contracts, while Ether (ETH) is the cryptocurrency that powers the network.
  • Use cases include decentralized finance, NFTs, gaming, supply chain tracking, and digital identity - many still experimental.
  • Most investors should treat Ethereum as a small allocation hedge using dollar-cost averaging, not a get-rich-quick lottery ticket.
Read More
April 30, 2026
Dollar Cost Averaging Strategy: How to Beat Emotion and Build Wealth Steadily
By Nate Gregory
  • Dollar cost averaging means investing the same amount at regular intervals regardless of what the market is doing.
  • The strategy automatically buys more shares when prices are low and fewer when prices are high, lowering your average cost over time.
  • DCA removes emotion, eliminates the need to time the market, and turns volatility into a mathematical advantage for long-term investors.
Read More
April 30, 2026
The BRRRR Strategy: How to Build Real Estate Wealth Without Big Money Down
By Andre Savage
  • BRRRR stands for Buy, Rehab, Rent, Refinance, Repeat - a five-step framework for scaling real estate without saving for big down payments.
  • The strategy works by buying distressed properties below market value, adding value through smart renovations, and pulling out equity through refinancing.
  • Tax advantages like depreciation and mortgage interest deductions make BRRRR a powerful tool for owners willing to manage tenants and contractors.
Read More
1 2 3 20
Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Bluesky
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Copy link
CopyCopied