N. K. hackers using AI to find cybersecurity blind spots, Google says

SEOUL, May 12 (Yonhap) -- State-sponsored hackers from North Korea and China have demonstrated "significant interest" in leveraging artificial intelligence (AI) to detect previously unknown cybersecurity vulnerabilities, Alphabet's Google said in a report Tuesday. "We noted a particular interest from several clusters of threat activity associated with the People's Republic of China (PRC) and the Democratic People's Republic of Korea (DPRK)," Google's threat intelligence group said in the report, referring to North Korea by its official name, the DPRK. They have already shown sophisticated approaches to leveraging AI for vulnerability research, the report said, noting a recent attempt from North Korea's hacking group APT45. The North Korean hackers leveraged AI to send thousands of repetitive prompts that recursively analyze different cybersecurity blind spots for possible exploitation, the report elaborated. The report also noted that it used AI to detect hackers from a criminal group using a "zero-day exploit," which they planned to use in a "mass exploitation," and blocked it. Zero-day exploits refer to those in which organizations and developers are unaware of them and don't have time to respond before an assailant attacks. The incident marks the first time Google identified attackers using AI to find new vulnerabilities and exploit them on a mass scale. The report comes amid renewed global concerns over cybersecurity, following the introduction of Claude Mythos, the latest AI model from U. S. startup Anthropic, specializing in detecting software security vulnerabilities. Anthropic has decided not to release the model publicly and limited its access to a select number of companies and institutions for defense security testing. Employees work inside the situation room at the Korea Internet & Security Agency in Seoul, in this file photo taken Dec. 10, 2025. (Yonhap) fairydust@yna.co.kr(END)