Google Thwarts First AI-Generated Zero-Day Exploit Attempt

The article explicitly states that AI was used to develop a working zero-day exploit, which is a direct cause of a planned mass exploitation event. The exploit's AI-generated nature is confirmed by multiple indicators such as educational docstrings and AI-specific coding patterns. The event involves the use of AI in the development and intended deployment of a cyberattack tool, which constitutes harm to property and potentially critical infrastructure. The fact that the attack was thwarted does not negate the incident classification, as the AI system's use directly led to a significant cybersecurity threat. This fits the definition of an AI Incident because the AI system's use directly led to a harmful event (planned mass exploitation) that was narrowly avoided but clearly materialized as a serious threat.

The article explicitly states that AI was used by hackers to find a zero-day exploit, which is a previously unknown vulnerability that could allow unauthorized access and potentially cause harm. While Google disrupted the attack before damage occurred, the use of AI in this context shows a credible and imminent risk of harm from AI-enabled cyberattacks. Since no actual harm materialized, it does not meet the criteria for an AI Incident but clearly fits the definition of an AI Hazard due to the plausible future harm from AI-driven exploitation attempts.

The article explicitly states that AI was used by hackers to discover a zero-day exploit, which is a previously unknown vulnerability that could have led to unauthorized access and harm. The use of AI in this context directly contributed to a cybersecurity threat, fulfilling the criteria for an AI Incident under harm category (b) - disruption of critical infrastructure management and operation. The incident was disrupted before damage occurred, but the AI's role in the attack attempt is clear and material. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly mentions AI systems (large language models like Gemini, Claude, OpenAI tools) being used by malicious actors to conduct sophisticated cyberattacks, including attempts to exploit zero-day vulnerabilities. This constitutes direct involvement of AI in causing harm through increased cyber threats, which fits the definition of an AI Incident due to harm to critical infrastructure and communities. The harm is realized and ongoing, not merely potential, so it is not an AI Hazard. The article also discusses broader societal and economic implications but the primary focus is on the AI-enabled cyberattacks causing harm.

The event involves the use of AI systems by malicious actors to discover and exploit software vulnerabilities, which is a clear AI system involvement. Although the exploitation was thwarted before causing actual harm, the planned mass exploitation event represents a credible and plausible risk of significant harm to organizations and infrastructure. Therefore, this is an AI Hazard rather than an AI Incident because the harm was prevented. The report also highlights ongoing use of AI by threat actors, reinforcing the potential for future incidents.

The article explicitly states that hackers used an AI large language model to find a previously unknown vulnerability and plan an attack, which is a direct use of AI in malicious activity. While the attack was disrupted before causing harm, the involvement of AI in enabling the exploitation of a zero-day vulnerability presents a credible risk of future harm if such attacks succeed. Therefore, this event qualifies as an AI Hazard because it plausibly could lead to an AI Incident involving harm to digital infrastructure or property, but no realized harm occurred yet.

The article explicitly states that AI was used to develop a zero-day exploit, a malicious tool that can cause harm by breaching security and accessing data without authorization. The involvement of AI in the creation of this exploit directly contributes to a cybersecurity threat, which is a form of harm to property and potentially critical infrastructure. The fact that the attack was prevented does not negate the incident, as the development and attempted deployment of such AI-powered hacking tools constitute realized harm. Hence, this event meets the criteria for an AI Incident.

The article explicitly states that an AI large language model was used by hackers to find a zero-day exploit, which is a previously unknown vulnerability that could allow unauthorized access and harm. The AI system's use was malicious and directly linked to the planned cyberattack. However, since Google disrupted the operation before any damage or harm occurred, no realized harm took place. The event thus represents a credible and immediate risk of AI-driven cyber exploitation, fitting the definition of an AI Hazard rather than an AI Incident. The involvement of AI in the development and use of the exploit is clear, and the potential for harm is significant and plausible.

The event involves an AI system used by threat actors to develop a zero-day exploit, which is a direct use of AI in a harmful cyberattack attempt. The exploit could have led to harm to security and possibly critical infrastructure or user data, fitting the definition of an AI Incident due to direct harm or potential harm caused by AI-enabled malicious use. Google's intervention prevented the harm, but the AI system's role in the attack attempt is pivotal and directly linked to the harm that was about to occur. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly states that AI was used by hackers to create zero-day exploits, which are serious security flaws with no known fixes and can cause significant harm. The involvement of AI in the development and use of these exploits directly leads to potential or actual harm in cybersecurity, fitting the definition of an AI Incident. The report also mentions real-world use by threat actors and ongoing attacks enhanced by AI, confirming realized harm rather than just potential risk. Hence, this is classified as an AI Incident.

The article explicitly states that AI was used by hackers to discover a new software flaw and attempt a mass exploitation attack, which was prevented before causing damage. Since no realized harm occurred, it does not meet the criteria for an AI Incident. However, the use of AI in autonomous cyber operations that could accelerate and scale attacks represents a credible and plausible risk of future harm, fitting the definition of an AI Hazard. The event focuses on the potential threat and innovation in AI-enabled hacking rather than an actual incident causing harm.

The event involves the use of an AI system in the development and use of a hacking tool exploiting a zero-day vulnerability, which could lead to disruption of critical infrastructure management and operation. While no actual harm occurred because the vulnerability was fixed before exploitation, the AI's role in weaponizing the exploit creates a plausible risk of future harm. Therefore, this qualifies as an AI Hazard rather than an AI Incident, as the harm is potential and not realized yet.

The event involves an AI system (a large language model) used by malicious actors to identify and exploit a zero-day vulnerability, which is a credible cybersecurity threat. The AI's involvement is in the use phase, aiding attackers in planning the exploit. Although Google disrupted the attack before any damage occurred, the event highlights the plausible future harm AI can cause in cyberattacks, including potential breaches and disruptions. Since no actual harm materialized, it does not meet the criteria for an AI Incident but fits the definition of an AI Hazard due to the credible risk of harm.

The hackers' use of AI models to exploit a zero-day vulnerability and bypass security measures constitutes the use of AI systems in a harmful way. The event involves the use of AI in the development and execution of a cyberattack, which directly threatens security and privacy, thus fitting the definition of an AI Incident. The fact that Google stopped the attack does not negate the incident classification, as the AI system's use in the attack was realized and posed direct harm.

The article explicitly mentions AI systems being used by cybercriminals to autonomously find software flaws and generate malware, which is a clear AI system involvement. The planned attack was prevented, so no actual harm occurred yet, but the potential for significant harm is credible and plausible given the nature of the AI-enabled hacking operations. This fits the definition of an AI Hazard, as the AI system's use could plausibly lead to an AI Incident in the future. There is no indication that harm has already occurred, so it is not an AI Incident. The article is not merely complementary information or unrelated, as it focuses on the AI-enabled hacking operations and their implications for harm.

The article explicitly states that AI was used by hackers to autonomously find a new software vulnerability and develop an exploit, which is a clear involvement of an AI system in malicious use. Although the planned mass exploitation was blocked and no actual harm occurred, the event demonstrates a credible risk that AI-enabled cyberattacks could lead to harm in the future. The use of AI to accelerate and automate cyber operations increases the plausibility of future AI Incidents. Since no realized harm occurred yet, the event fits the definition of an AI Hazard rather than an AI Incident.

The involvement of AI in discovering and weaponizing a zero-day exploit is explicitly stated, indicating AI system use in the development and use of a hacking tool. Although the exploit was fixed before deployment, the event demonstrates a credible threat that could have led to significant harm, including unauthorized access and disruption of critical infrastructure or violation of rights. Since no actual harm occurred but the risk is real and recent, this fits the definition of an AI Hazard rather than an AI Incident. The event is not merely complementary information because it reports a new credible threat involving AI misuse.

The event involves the use of AI in the development of a cyberattack exploit, which if deployed, could have caused harm by compromising security and potentially disrupting critical infrastructure or violating user rights. Since the exploit was stopped before causing harm, this qualifies as an AI Hazard, as the AI system's involvement plausibly could have led to an AI Incident. The article does not describe actual harm occurring, only the prevention of a potential attack, so it is not an AI Incident. It is more than complementary information because it reports a credible threat involving AI exploitation capabilities.

The article explicitly states that AI was used by cybercriminals to discover and attempt to exploit a new vulnerability at scale, which is a direct use of AI systems in malicious hacking operations. The attack was blocked before mass exploitation, but the attempt itself and the use of AI to autonomously find and exploit vulnerabilities constitute realized harm or at least a direct threat of harm. This fits the definition of an AI Incident because the AI system's use directly led to an event involving harm or attempted harm (cyberattack) to property and potentially critical infrastructure. The event is not merely a potential risk or future hazard, but an actual incident involving AI-driven malicious activity.

The article explicitly states that a criminal group used an AI large language model to find a zero-day vulnerability and planned to exploit it, which constitutes a direct use of AI in a malicious cyberattack attempt. The harm targeted is the breach of cybersecurity, which falls under disruption of critical infrastructure and potential harm to property and communities. Although the attack was disrupted before damage, the AI system's role was pivotal in the attempt, meeting the criteria for an AI Incident. The event is not merely a potential risk (hazard) or a complementary update; it involves a concrete malicious use of AI leading to a cybersecurity incident.

The event explicitly involves an AI system (likely a large language model) used by hackers to discover and weaponize a zero-day vulnerability, which is a serious security flaw that could lead to harm if exploited. The AI's role in the development and use of the exploit is direct and pivotal. The harm (cybersecurity breach) was prevented but the incident itself—AI-assisted discovery of a zero-day exploit by a cybercrime group—constitutes an AI Incident because it involves realized harm potential and direct AI involvement in malicious use. This fits the definition of an AI Incident as the AI system's use has directly led to a significant cybersecurity threat, even if the attack was stopped before causing damage.

The article explicitly states that AI was used by a criminal group to find and weaponize a zero-day exploit, which is a direct cause of a cybersecurity threat. This use of AI has led to or could lead to significant harm through cyberattacks, fitting the definition of an AI Incident under harm to property and potentially critical infrastructure. The event is not merely a potential risk but an active exploitation attempt, distinguishing it from an AI Hazard or Complementary Information.

The article explicitly mentions AI systems being used by malicious actors to find and exploit previously unknown software vulnerabilities (zero-day flaws), which directly leads to cyberattacks. This constitutes harm to property and potentially to communities relying on secure digital infrastructure, fitting the definition of an AI Incident. The involvement of AI in the development and use of these attacks, and the realized exploitation of a vulnerability, confirms this classification. The article does not merely warn of potential harm but reports on actual exploitation, so it is not an AI Hazard. It is not Complementary Information because the main focus is on the incident itself, not on responses or updates. It is not Unrelated because AI involvement and harm are central.

The event involves an AI system (a large language model) used by hackers to find and exploit a zero-day vulnerability, which is a direct use of AI in causing harm or potential harm. The attack was disrupted before damage occurred, but the AI's role in enabling the exploit is pivotal and constitutes an AI Incident under the framework. The article's main narrative centers on this AI-driven exploitation and Google's intervention, meeting the criteria for an AI Incident rather than a hazard or complementary information.

The article explicitly states that an AI model was leveraged by attackers to discover and weaponize a zero-day vulnerability, which is a direct use of AI in causing a cybersecurity threat. The potential harm includes bypassing two-factor authentication, which could lead to unauthorized access and harm to users. Although the attack was thwarted, the AI's involvement in enabling the attack and the potential for catastrophic consequences qualifies this as an AI Incident. The harm is realized in the form of a serious security breach attempt, not just a plausible future risk, and thus it is not merely a hazard or complementary information.

The event explicitly involves AI systems used by hackers to identify and weaponize a zero-day vulnerability, which is a direct use of AI in malicious activity. The planned mass exploitation event would have caused harm to computer systems and potentially to organizations relying on them, fulfilling the harm criteria. Although the attack was stopped before deployment, the AI's role in enabling the exploit is direct and pivotal. This meets the definition of an AI Incident, as the AI system's use has directly led to a harmful event (attempted cyberattack) even if the harm was averted by intervention. The report also highlights the growing risk of AI-assisted cyberattacks, reinforcing the significance of this incident.

The article explicitly mentions the use of an AI large language model by hackers to find and exploit a zero-day vulnerability, which is a clear AI system involvement in a malicious use scenario. While Google successfully disrupted the attack before any damage or harm occurred, the event shows a credible and plausible risk of AI-enabled cyberattacks causing harm to digital infrastructure and potentially to organizations and communities. Since no actual harm materialized, it does not meet the criteria for an AI Incident but fits the definition of an AI Hazard due to the plausible future harm from AI-driven exploitation. The article also discusses broader implications and responses, but the main event is the AI-enabled hacking attempt and its disruption.

The involvement of AI in creating a zero-day exploit that could have been used in a mass exploitation event constitutes a credible and plausible risk of harm to critical infrastructure or systems, fitting the definition of an AI Hazard. Since the exploit was discovered and patched before any harm occurred, this is not an AI Incident. The report focuses on the potential threat and the proactive discovery rather than realized harm, so it is not Complementary Information. Therefore, the event is best classified as an AI Hazard due to the plausible future harm from AI-enabled cyberattacks.

The article explicitly states that AI was used to discover and weaponize a zero-day exploit, which was then used by threat actors to bypass security measures. This directly led to a security breach, a form of harm to property and potentially to users' digital assets and privacy. The involvement of AI in the development and use of the exploit meets the criteria for an AI Incident, as the harm is realized and the AI system's role is pivotal in enabling the attack.

The event involves the use of an AI system by hackers to discover a zero-day vulnerability and nearly launch a mass cyberattack, which would have caused harm to property and communities by compromising security systems. The AI system's use directly led to a near-harmful event, and although the attack was stopped, the incident itself is significant and fits the AI Incident category. The involvement of AI in the malicious use and the direct link to a cyberattack attempt causing or nearly causing harm meets the criteria for an AI Incident rather than a hazard or complementary information.

The event involves the use of AI in the development of a cyberattack script designed to exploit a security vulnerability and bypass 2FA, which is a critical security mechanism. The attack was stopped before causing direct harm, so no realized harm occurred. However, the AI system's involvement in enabling a sophisticated attack that could have led to harm makes this an AI Hazard, as it plausibly could have led to an AI Incident if successful. The report also highlights the increasing use of AI by adversaries to discover and exploit vulnerabilities, reinforcing the plausible future harm risk.

The article explicitly states that AI was used by criminals to identify and weaponize a zero-day vulnerability, which is a direct use of AI leading to a planned cyberattack. The potential harm includes breaches of security, violations of privacy, and disruption of digital infrastructure, all of which fall under harms to property, communities, or rights. Although the attack was stopped before execution, the AI's role in enabling the exploit is pivotal and the threat is materialized in the form of a near miss. This meets the criteria for an AI Incident rather than a hazard or complementary information, as the AI system's use directly led to a significant harmful event that was only prevented by intervention.

The report explicitly states that AI was used by hackers to discover a new zero-day vulnerability and attempt exploitation, which is a direct use of AI leading to a cyberattack attempt. Although the mass exploitation was blocked, the AI-enabled hacking operation itself constitutes a realized harm or at least a direct attempt to cause harm through AI misuse. This meets the criteria for an AI Incident because the AI system's use directly led to a security threat and attempted harm. The event is not merely a potential risk or a general update but a concrete case of AI-enabled malicious activity.

The event involves the use of an AI system (a large language model) by hackers to identify and exploit a previously unknown vulnerability (zero-day exploit) in a company's system. This use of AI directly relates to the development and use of AI systems for malicious purposes. While Google disrupted the attack before harm occurred, the AI's role in enabling the cyberattack attempt is clear and represents a credible and immediate risk of harm to digital infrastructure and potentially to organizations and individuals relying on that infrastructure. Therefore, this qualifies as an AI Hazard because the harm was plausible and imminent but was prevented before materializing. The article also discusses broader governance and societal responses, but the primary focus is on the AI-enabled cyberattack attempt and its disruption.

The event explicitly involves AI systems being used by hackers to find and exploit cybersecurity blind spots, which directly leads to harm in the form of cyberattacks using zero-day exploits. This fits the definition of an AI Incident because the AI system's use has directly led to a significant harm scenario (cybersecurity breaches and potential mass exploitation). The report also mentions that Google blocked an attack using AI detection, but the harm potential and actual attempts are clear. Therefore, this is an AI Incident rather than a hazard or complementary information.

The article explicitly states that hackers used AI to develop a zero-day exploit for mass exploitation, which is a direct use of AI in a malicious cyberattack. The exploit could have bypassed security measures, leading to violations of security and privacy rights, and harm to property and communities reliant on the affected systems. The threat was active and recent, indicating realized harm or at least a direct and immediate risk of harm. This fits the definition of an AI Incident because the AI system's use in the attack directly led to a significant cybersecurity threat with potential harm. The event is not merely a potential hazard or complementary information but a concrete incident involving AI-enabled malicious activity.

The article explicitly mentions the use of an AI large language model by hackers to find and exploit a zero-day vulnerability, which is a direct involvement of AI in a malicious cyber operation. However, Google disrupted the attack before any damage or harm occurred, so no realized harm took place. The event thus represents a credible and plausible risk of harm due to AI-enabled cyberattacks, fitting the definition of an AI Hazard rather than an AI Incident. The event also includes broader context about AI's impact on cybersecurity and government responses, but the core event is the thwarted AI-driven cyberattack attempt.

The event involves the use of an AI system (a large language model) by hackers to identify and exploit a zero-day vulnerability, which is a clear example of AI involvement in a cybersecurity threat. While the attack was disrupted before causing harm, the use of AI in this context poses a credible and significant risk of future harm, including potential injury to organizations, disruption of critical infrastructure, and violations of rights through data breaches or ransomware. Since no actual harm occurred but the risk is credible and imminent, this qualifies as an AI Hazard rather than an AI Incident. The article also discusses broader governance and policy responses, but the main focus is on the AI-driven cyberattack attempt and its disruption.

The article explicitly states that the exploit was developed using AI and was aimed at bypassing security protections, which is a direct harm to cybersecurity and user safety. The involvement of AI in creating a zero-day exploit that could have been used in a mass exploitation event meets the criteria for an AI Incident, as the AI system's use directly led to a significant harm scenario. Although the attack was thwarted, the event itself is an incident because the AI-enabled exploit was active and posed a real threat.

The article explicitly states that an AI large language model was used by hackers to find a previously unknown vulnerability (zero-day exploit) and plan a cyberattack. While Google disrupted the attack before any harm occurred, the use of AI in this context poses a credible risk of future harm to critical infrastructure and digital security. Since no actual harm materialized, but the AI's involvement could plausibly lead to significant harm, this event fits the definition of an AI Hazard rather than an AI Incident. The article also discusses broader governance and industry responses, but the main event is the AI-enabled hacking attempt that was prevented.

The article explicitly states that a criminal group used an AI large language model to find a zero-day exploit, which is a previously unknown software vulnerability. This AI involvement is central to the attempted cyberattack, which could have led to harm such as unauthorized access, data breaches, or disruption of critical systems. However, Google disrupted the attack before any harm occurred. Thus, while the AI system's use did not directly cause harm this time, it plausibly could in the future, fitting the definition of an AI Hazard. The article also discusses broader concerns about AI's role in cybersecurity threats, reinforcing the potential for future incidents.

The article explicitly states that an AI model was used by cybercriminals to find and weaponize a zero-day vulnerability, enabling bypass of two-factor authentication, which is a direct security harm to users and systems. The AI system's use in exploit development and the active campaign preparation demonstrate direct involvement in causing harm. The event meets the criteria for an AI Incident as it involves the use and misuse of an AI system leading to a breach of security, which can be considered harm to property and communities. The involvement of AI in the development and weaponization of the exploit is clear and central to the incident.

The article explicitly mentions AI models being used by malicious actors to create and exploit zero-day vulnerabilities, which are highly dangerous and can cause significant harm. The involvement of AI in automating and enhancing cyberattacks is clear, and the potential for catastrophic misuse is emphasized by experts and governance advocates. While no specific harm event is detailed, the credible risk of large-scale cyberattacks enabled by AI justifies classification as an AI Hazard. The article also discusses the lack of regulatory safeguards and the urgent need for oversight, reinforcing the plausibility of future harm stemming from AI misuse in cybersecurity.

The event involves AI systems explicitly used by hackers to detect and exploit software vulnerabilities, which is a clear AI system involvement. The attack was thwarted, so no direct harm occurred, but the potential for destabilizing critical infrastructure is credible and significant. The article emphasizes the urgent need for AI oversight to prevent future incidents, highlighting the plausible risk of harm. Hence, it fits the definition of an AI Hazard rather than an AI Incident or Complementary Information.

The event involves an AI system (a large language model) used by hackers to find a zero-day vulnerability, which is a clear example of AI involvement in malicious use. While the attack was disrupted before causing harm, the use of AI to discover and weaponize vulnerabilities represents a credible risk of future harm. The article emphasizes the potential for AI to accelerate cyberattacks, increasing cybersecurity risks globally. Since no actual harm occurred but plausible harm was averted, this fits the definition of an AI Hazard rather than an AI Incident. The event is not merely complementary information because it reports a specific AI-enabled attack attempt, nor is it unrelated as it directly involves AI in a cybersecurity context.

The article explicitly states that hackers leveraged an AI model to discover and weaponize a zero-day vulnerability, which is a direct use of AI in the development and execution of a cyberattack. The harm involves exploitation of a security flaw leading to potential unauthorized access and breach of security, which fits the definition of harm to property and possibly to users' rights. The AI system's role was pivotal in enabling the attack lifecycle phases, including reconnaissance and command execution. Since the attack occurred and was discovered, this is a realized harm, not just a potential risk, thus classifying it as an AI Incident rather than a hazard or complementary information.

The article explicitly states that an AI model was used by a threat actor to discover and weaponize a zero-day exploit, indicating AI system involvement in malicious use. While the exploit was stopped before causing actual harm, the potential for significant harm was present, meeting the criteria for an AI Hazard. The event does not describe realized harm but highlights a credible risk of AI-driven cyberattacks. The proactive mitigation and disclosure are responses to this hazard, but the main event remains a plausible future harm scenario rather than an incident with realized harm.

The event involves an AI system used by hackers to develop a zero-day exploit, which is a direct involvement of AI in a malicious cyber operation. However, the exploit was discovered and patched before it could be widely used, so no actual harm occurred. The potential harm from bypassing multi-factor authentication is significant, including unauthorized access and disruption of critical infrastructure or data security. Since the harm was plausible but not realized, this fits the definition of an AI Hazard. The report also highlights the evolving threat landscape with AI accelerating offensive cyber capabilities, reinforcing the credible risk. Therefore, the classification is AI Hazard.

The article explicitly states that the zero-day exploit was likely developed with the help of an AI program, based on analysis of the code's structure and content. The exploit targets a widely used system administration tool and would have allowed attackers to bypass security measures, leading to unauthorized access. This represents a direct harm to security and privacy, which falls under harm to persons or groups. The AI system's role in developing the exploit is pivotal to the incident. Although the exploit was detected before widespread exploitation, the event involves realized malicious use of AI leading to a significant cybersecurity threat, meeting the criteria for an AI Incident rather than a mere hazard or complementary information.

The article explicitly mentions AI systems being used by North Korean hackers to find and exploit cybersecurity vulnerabilities, including zero-day exploits intended for mass exploitation. This is a direct use of AI leading to harm or potential harm in cybersecurity, which fits the definition of an AI Incident. The involvement of AI in malicious hacking and exploitation attempts is a clear case of AI use causing or enabling harm. Although Google blocked the attack, the use of AI in this context is a realized threat and harm scenario, not merely a potential hazard or complementary information. Hence, the classification as AI Incident is appropriate.

The article explicitly states that an AI large language model was used by hackers to find a previously unknown vulnerability (zero-day exploit) and plan a cyberattack. While Google disrupted the attack before any harm occurred, the use of AI in this context poses a credible risk of future harm to critical infrastructure and associated communities. Since no actual harm materialized, but the AI system's involvement could plausibly lead to significant harm, the event fits the definition of an AI Hazard rather than an AI Incident. The article also discusses broader governance and policy responses, but the main event is the AI-enabled hacking attempt and its disruption.

The involvement of AI in developing a zero-day exploit that could bypass security measures constitutes a plausible threat that could lead to harm, such as unauthorized access and disruption of critical infrastructure or violation of user security. Since the attack was detected and no explicit harm is reported as having occurred, this event fits the definition of an AI Hazard rather than an AI Incident. The report highlights the potential for AI-enabled malware to orchestrate autonomous attacks, indicating a credible risk of future harm.

The report explicitly documents the use of AI systems by state-sponsored and criminal actors to conduct cyberattacks, develop exploits, and spread disinformation, all of which have materialized or are ongoing harms. The AI systems are integral to these malicious operations, directly contributing to the harms described. The presence of autonomous AI-enabled malware and AI-assisted zero-day exploit development confirms realized harm rather than just potential risk. Hence, the event meets the criteria for an AI Incident rather than a hazard or complementary information.

The article explicitly mentions AI systems (LLMs like Gemini and agentic tools) being used by hackers to develop exploits and automate attacks, which have directly led to security breaches and potential large-scale harm. The involvement of AI in creating a zero-day exploit and automating attack orchestration demonstrates direct causation of harm. This fits the definition of an AI Incident, as the AI system's use has directly led to violations of security and potential harm to property and communities. The event is not merely a potential risk or a complementary update but a report of realized harm involving AI.

The article explicitly states that the zero-day exploit was likely developed using AI, with code characteristics typical of large language models. This exploit has been used to attack 2FA systems, which constitutes a direct harm to security and privacy, fitting the definition of an AI Incident under harm to communities and violation of rights. The use of AI in the development and deployment of the exploit is clear, and the harm is realized, not hypothetical. Therefore, this event qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly mentions AI systems being used by hackers to develop and weaponize zero-day exploits and malware, which are directly linked to cybersecurity harms. The involvement of AI in these malicious activities is confirmed by Google's analysis of code patterns and attack methods. The harms include violations of security and potential disruption to targeted systems, fitting the definition of an AI Incident. Although some harms may be mitigated or prevented, the active use of AI in exploit development and attacks constitutes realized harm or imminent threat, justifying classification as an AI Incident rather than a hazard or complementary information.

The event explicitly involves AI systems used by hackers to develop and deploy a zero-day exploit, which is a direct cause of a security threat. The exploit could have led to harm if successful, and the use of AI in this context is confirmed by Google's analysis. The incident meets the criteria for an AI Incident as it involves the use of AI in malicious operations causing or attempting to cause harm. The disruption of the attack does not negate the fact that harm was directly attempted through AI-enabled means. Therefore, this is classified as an AI Incident.

The event explicitly involves AI systems used by hackers to develop a zero-day exploit, which is a direct use of AI in malicious activity. The exploit could have led to unauthorized access and harm to users' security and privacy, constituting harm to communities and potentially violations of rights. Although the attack was disrupted, the AI-enabled exploit development occurred, indicating realized harm or at least a direct AI Incident. The involvement of AI in the development and use of the exploit meets the criteria for an AI Incident rather than a hazard or complementary information.

The event involves an AI system that was used to create a zero-day exploit, which is a serious cybersecurity threat. Although the exploit was discovered and mitigated before causing harm, the AI's role in developing the exploit means there was a plausible risk of significant harm (mass exploitation). Because no actual harm occurred due to timely intervention, this is best classified as an AI Hazard. The report also clarifies that the AI model Gemini was not used, but some AI model was involved. The event does not describe realized harm but a credible potential harm prevented by discovery and patching.

The event involves the use of AI by malicious actors to exploit a digital vulnerability, which is a clear AI system involvement in a cybersecurity attack attempt. Although the attack was stopped before causing actual harm, the use of AI in this context poses a plausible risk of significant harm, including potential disruption or data breaches. Therefore, this qualifies as an AI Hazard rather than an AI Incident, as harm did not materialize but could plausibly have occurred.

The article explicitly states that hackers used an AI large language model to discover a zero-day exploit, which is a previously unknown vulnerability. This AI involvement directly enabled the cyberattack attempt, which could have led to harm such as unauthorized access and disruption of critical infrastructure. Google disrupted the attack before damage occurred, but the AI system's role in enabling the attack is clear and pivotal. Therefore, this qualifies as an AI Incident due to the direct link between AI use and a harmful cybersecurity event. The event is not merely a potential hazard because the attack was underway and AI was actively used to facilitate it. It is not complementary information or unrelated because the focus is on the AI-enabled cyberattack and its disruption.

The article explicitly mentions AI systems being used by hackers to find and weaponize software vulnerabilities, which is a direct use of AI in cyberattack operations. While the planned attack was stopped before causing damage, the use of AI in this context plausibly leads to future incidents involving harm to critical infrastructure or data security. Therefore, this event fits the definition of an AI Hazard, as it highlights a credible risk of AI-enabled cyberattacks escalating in the future.

The event explicitly involves an AI system used by threat actors to develop and weaponize a zero-day vulnerability, which is a direct cause of a cybersecurity threat. The harm includes potential violations of security and privacy, which fall under harm to property and communities. Although the attack was disrupted before deployment, the AI's role in enabling the exploit is direct and material. This meets the criteria for an AI Incident rather than a hazard or complementary information, as the AI system's use has already led to a harmful event (the creation and attempted exploitation of a zero-day vulnerability).

The report explicitly mentions AI systems being used to develop a zero-day exploit and automate malware operations, which are forms of AI system use leading to harm. The zero-day exploit was developed with AI assistance and intended for mass exploitation, indicating direct involvement of AI in harmful cyber activities. The malware described uses AI to autonomously interact with devices and evade detection, further demonstrating AI's role in causing harm. Although the mass exploitation was disrupted, the development and deployment of AI-powered cyberattacks constitute realized or imminent harm under the definitions of AI Incident. The involvement of AI in these malicious activities and the resulting or potential harm to property and enterprise systems meet the criteria for an AI Incident rather than a hazard or complementary information.

The article explicitly states that AI was used to build a working zero-day exploit, which is a direct cybersecurity threat that can cause harm to systems and users. The exploit targets a two-factor authentication bypass, which is critical for security, and the intent was mass exploitation, indicating potential widespread harm. The involvement of AI in the development and weaponization of the exploit meets the criteria for AI system involvement and direct causation of harm. Additionally, the report mentions other AI-enabled malicious activities, reinforcing the assessment of this as an AI Incident rather than a mere hazard or complementary information. The harm is realized or imminent, not just potential, thus it is not merely an AI Hazard. The event is not just an update or governance response, so it is not Complementary Information. It is clearly related to AI systems and their misuse, so it is not Unrelated.

The article explicitly mentions the use of AI by hackers to exploit a digital vulnerability, indicating AI system involvement in a malicious use context. The attack was disrupted before harm occurred, so no realized harm is reported, but the event shows a credible risk of harm from AI misuse in cybersecurity. Therefore, it fits the definition of an AI Hazard, as the AI system's use could plausibly lead to an AI Incident if not stopped.

The event involves an AI system used maliciously to develop a zero-day exploit, which is a clear example of AI use in creating tools for cyberattacks. The exploit was intended for mass exploitation by a known cybercrime group, which would have caused harm to digital infrastructure and communities. The AI's role in the exploit's development is direct and pivotal. Although the attack was prevented, the event documents a realized AI-enabled threat that was intercepted, thus constituting an AI Incident rather than merely a hazard. The harm was averted but the AI system's involvement in the malicious development and the imminent threat qualifies this as an AI Incident.

The article explicitly mentions the use of an AI program (likely a large language model) by hackers to find a zero-day exploit, which is a software vulnerability unknown to the vendor and unpatched. The exploit could have been used for mass exploitation, bypassing two-factor authentication, which would have led to unauthorized access and harm to users' security and privacy. Google's proactive discovery and intervention prevented the attack, so no realized harm occurred. The AI system's involvement is in the use phase (use of AI to find the exploit). Since the harm was plausible but did not materialize, this fits the definition of an AI Hazard rather than an AI Incident. The event is not merely complementary information because it reports a specific AI-enabled threat that was imminent and serious. Hence, the classification is AI Hazard.

The article explicitly mentions AI systems being used by hackers to detect and exploit cybersecurity vulnerabilities, including attempts at mass exploitation using zero-day exploits. This use of AI directly contributes to harm by enabling cyberattacks that threaten security and potentially disrupt critical infrastructure or cause data breaches. The involvement of AI in the malicious use and the direct link to harmful cybersecurity incidents qualifies this event as an AI Incident rather than a hazard or complementary information.

The article explicitly mentions AI systems being used by hackers to find cybersecurity blind spots and exploit zero-day vulnerabilities, which are unknown to defenders and can cause significant harm if exploited. The hackers' use of AI to send thousands of prompts to recursively analyze vulnerabilities indicates AI's direct involvement in malicious activity. This constitutes an AI Incident because the AI system's use has directly led to or facilitated harm through cybersecurity threats and potential exploitation. The harm includes risks to critical infrastructure and security, fitting the definition of an AI Incident.

The article explicitly states that AI was used by hackers to find and exploit a zero-day vulnerability, which is a direct use of AI in a malicious cyberattack attempt. However, since Google disrupted the attack before any damage or harm occurred, no realized harm took place. The event thus represents a credible and plausible risk of AI-driven cyber exploitation that could lead to harm if successful. This fits the definition of an AI Hazard, as the AI system's use could plausibly lead to an AI Incident. The article also discusses broader concerns and responses to AI in cybersecurity, but the main event is the thwarted AI-enabled cyberattack, making it an AI Hazard rather than an Incident or Complementary Information.

An AI system was explicitly used to develop a zero-day exploit, which is a form of malicious use of AI. The exploit could have led to significant harm if successfully deployed, including breaches of security and potential disruption of critical infrastructure or violation of user rights. Although the attack was thwarted, the AI's role in creating the exploit and the credible threat it posed qualifies this event as an AI Incident. The direct involvement of AI in the development and attempted use of the exploit aligns with the definition of an AI Incident due to the realized threat and harm potential.

The article explicitly states that AI was used by hackers to build a working zero-day exploit targeting 2FA, a critical security mechanism. The exploit was weaponized and intended for mass use, which would have caused harm by compromising account security. Google's Threat Intelligence Group confirmed AI involvement with high confidence. The exploit was caught and patched before mass exploitation, but the AI's role in enabling this attack is direct and pivotal. This meets the criteria for an AI Incident because the AI system's use directly led to a security threat with potential harm to property and user security. The event is not merely a potential risk (hazard) or a response/update (complementary info), but a confirmed case of AI-enabled malicious use causing or nearly causing harm.

The article explicitly states that AI was used by hackers to autonomously find and exploit a software vulnerability, which is a clear AI system involvement in the attack's development and use. Although the attack was blocked and no harm materialized, the AI-enabled method of discovering and exploiting vulnerabilities represents a credible and plausible future risk of mass exploitation events causing harm to critical infrastructure or communities. Since no actual harm occurred yet, it does not meet the criteria for an AI Incident but fits the definition of an AI Hazard due to the plausible future harm from AI-driven cyberattacks.

The report explicitly identifies AI systems being used by state-sponsored and criminal actors to conduct cyberattacks that have caused or are causing harm, including exploitation of vulnerabilities, malware deployment, phishing, and disinformation campaigns. These activities constitute violations of rights and disruptions to critical digital infrastructure, fitting the definition of an AI Incident. The presence and use of AI systems are clearly stated, and the harms are ongoing or realized, not merely potential. Hence, the event is classified as an AI Incident.

The event explicitly involves an AI system (a large language model) used by hackers to find and exploit a zero-day vulnerability, which is a direct use of AI in a malicious cyberattack attempt. The attack was disrupted before damage, but the AI's role in enabling the attack is pivotal. This fits the definition of an AI Incident because the AI system's use directly led to a cybersecurity threat with potential harm to critical infrastructure and property. The disruption does not negate the incident classification since the attack attempt itself constitutes harm or risk of harm. The article also discusses broader governance and policy responses, but the main event is the AI-enabled hacking attempt, qualifying it as an AI Incident.

The article explicitly mentions AI systems assisting attackers in discovering and attempting to exploit a zero-day vulnerability, which is a direct involvement of AI in malicious cyber operations. However, the attack was stopped before any exploitation or harm occurred, so no actual harm has materialized yet. The potential for AI-assisted cyberattacks to cause significant harm is credible and recognized by the cybersecurity community. Hence, this event is best classified as an AI Hazard rather than an AI Incident. It is not Complementary Information because the main focus is on the AI-assisted attack attempt itself, not on responses or updates to prior incidents. It is not Unrelated because AI involvement and plausible harm are central to the event.

The exploit was developed with AI assistance, indicating AI system involvement in the creation of a malicious tool. The exploit caused a security breach by bypassing authentication, which constitutes harm to property and potentially to users' rights and security. Since the exploit was actively used and caused harm, this qualifies as an AI Incident due to the AI system's role in the development and use of the exploit leading to harm.

The article explicitly confirms that an AI system (a large language model) was used by criminal hackers to discover a zero-day vulnerability and create a working exploit. This exploit was intended for mass deployment, representing a direct and significant cybersecurity threat. Although the attack was disrupted before causing damage, the use of AI in this context constitutes a direct AI Incident because the AI system's use led to a serious cyberattack attempt, which is a form of harm to property and communities. The involvement of AI in the development and use of the exploit meets the criteria for an AI Incident rather than a hazard or complementary information.

The article explicitly mentions AI systems being used by hacking groups to develop zero-day exploits and conduct autonomous reconnaissance attacks. While Google's intervention prevented harm in this case, the use of AI to enhance cyberattacks represents a credible threat that could plausibly lead to incidents causing disruption of critical infrastructure or other harms. Since no actual harm occurred yet but the risk is credible and significant, the event is best classified as an AI Hazard rather than an AI Incident. It is not Complementary Information because the main focus is on the detection of a new AI-enabled threat, not on responses or updates to past incidents. It is not Unrelated because AI systems are central to the described threat.

The event explicitly involves AI systems used maliciously to develop and weaponize a zero-day exploit, which directly leads to harm by enabling unauthorized access and bypassing security measures. The use of AI in cybercriminal activities such as vulnerability research, exploit development, and attack automation fits the definition of an AI Incident because it has directly led to significant harm or risk thereof. The responsible disclosure mitigates but does not negate the incident classification, as the exploit was developed and could have been used for harm. Therefore, this event is best classified as an AI Incident.

The article explicitly states that criminals used AI to support the discovery and weaponization of a zero-day exploit, which could have led to a mass exploitation campaign bypassing two-factor authentication. This constitutes the use of an AI system in a malicious context, directly linked to a cybersecurity threat that could harm critical infrastructure or data security. Although the attack was stopped before damage, the AI system's role in enabling the exploit and the planned mass campaign meets the criteria for an AI Incident, as the AI's involvement directly led to a significant harm scenario that was narrowly averted. The event is not merely a potential hazard or complementary information but a concrete incident involving AI misuse with direct implications for harm.

The article explicitly states that AI systems are being used by attackers to carry out cyberattacks that have already occurred, including bypassing two-factor authentication. This has led to realized harm in the form of security breaches and exploitation of systems. The AI system's use in developing zero-day exploits and automating attacks directly contributes to these harms. Hence, the event meets the criteria for an AI Incident due to direct harm caused by AI-enabled malicious use.

The report explicitly states that AI was used to develop a zero-day exploit enabling two-factor authentication bypass, which is a direct security harm. Additionally, the autonomous Android malware uses AI to perform malicious actions on devices, causing harm to users' property and privacy. The use of AI-generated deepfakes in influence campaigns also harms communities by spreading misinformation. These harms are realized and directly linked to AI system use, meeting the criteria for an AI Incident rather than a hazard or complementary information.

The event involves an AI system (AI-assisted cyberattack development) that was used maliciously, representing the use of AI in the development and execution of a cyberattack. While the attack was stopped before causing harm, the AI's role in enabling the exploit indicates a credible risk of harm to critical infrastructure or digital security if such attacks succeed. Since no actual harm occurred but the AI involvement plausibly could lead to harm, this fits the definition of an AI Hazard rather than an AI Incident. The article focuses on the detection and prevention of the attack, emphasizing the potential threat rather than realized harm.

The event explicitly involves an AI system's role in the discovery and weaponization of a zero-day exploit, which directly enables attackers to bypass 2FA protections. This leads to a direct security harm risk, including potential theft or unauthorized access to sensitive accounts, which qualifies as harm to property and communities. The exploit's development and use are linked to AI assistance, fulfilling the criteria for an AI Incident. The fact that the exploit was discovered and weaponized with AI support and that it was intended for mass exploitation confirms direct or indirect harm caused by AI involvement. Therefore, this event is best classified as an AI Incident.

The report explicitly states that AI was leveraged to develop a working zero-day exploit, which is a direct malicious use of AI technology. The exploit targeted widely used applications and could have led to mass exploitation, representing harm to property and communities. The incident was discovered and mitigated before mass harm occurred, but the AI's role in enabling the exploit is clear and pivotal. Therefore, this qualifies as an AI Incident due to the direct involvement of AI in causing a cybersecurity threat with potential for significant harm.

The article explicitly describes AI systems being used by attackers to develop zero-day exploits, conduct large-scale vulnerability validation, automate reconnaissance, and produce AI-generated disinformation. These uses have directly resulted in cyberattacks and information warfare, which are harms to communities, property, and potentially critical infrastructure. The report also mentions that some attacks have been mitigated, but the harms have already occurred or are ongoing. The AI involvement is clear and pivotal to the incidents described, meeting the criteria for AI Incidents rather than hazards or complementary information.

The article explicitly mentions AI systems (large language models like Mythos, GPT-5.4-Cyber, Claude, Gemini) that have been used to discover serious security vulnerabilities and generate instructions for creating dangerous biological agents and toxins. Unauthorized use of these models has already occurred, indicating realized harm or at least direct risk of harm. The harms include threats to public health, security, and societal stability, which fall under injury/harm to people and harm to communities. The discussion of AI safety mechanisms and regulatory gaps further supports the classification as an AI Incident rather than a mere hazard or complementary information. The presence of actual misuse and the direct link to serious harms meet the criteria for an AI Incident.

The article explicitly mentions AI systems (Anthropic's Mythos and ChatGPT 5.5 Instant) and their ability to find vulnerabilities that could disrupt financial services, which is critical infrastructure. Although no actual harm or incident has yet occurred, the PRA's warning and call for rapid mitigation indicate a credible risk of future harm. Therefore, this event fits the definition of an AI Hazard, as it plausibly could lead to disruption of critical infrastructure due to AI system involvement.

The event involves AI systems explicitly mentioned as being used by threat actors to conduct large-scale hacking attacks exploiting software vulnerabilities, including zero-day exploits. The AI's role in enhancing the speed, scale, and complexity of attacks directly contributes to harm against critical infrastructure and security, fulfilling the criteria for an AI Incident. The report also mentions concrete ongoing attacks and preparations for large-scale exploitation, indicating realized harm rather than just potential risk. Hence, the classification as AI Incident is justified.

The article explicitly mentions AI models and their use in identifying vulnerabilities that could disrupt financial services, indicating AI system involvement. However, the event is a forward-looking warning about potential risks and the need for mitigation, with no realized harm or incident described. Therefore, it fits the definition of an AI Hazard, as the AI systems' use could plausibly lead to harm in the financial sector if vulnerabilities are exploited.

The article explicitly mentions AI technology as a factor that has increased cybersecurity risks and enabled new attack methods by malicious hackers. The harms described include data breaches, ransomware demands, and potential disruption to critical sectors like healthcare and education, which are direct harms linked to AI-enabled cyberattacks. The involvement of AI in the attackers' tools and methods, and the resulting realized harms, qualify this as an AI Incident under the definitions provided.

An AI system (Mythos) was used to scan code and identify security vulnerabilities, which is a clear AI system involvement in the use phase. The AI system's output directly led to the discovery and subsequent fixing of a real security vulnerability, which is a form of harm prevention related to software security (harm to property or systems). Although the vulnerability was low severity and the AI had a high false positive rate, the confirmed vulnerability and its planned fix constitute an AI Incident because the AI system's use directly led to addressing a security flaw. The event does not describe a potential future harm only, nor is it merely complementary information about AI development or governance. Therefore, it qualifies as an AI Incident.

The article explicitly states that hackers are using AI models to find zero-day vulnerabilities and create attack scripts to bypass 2FA, which is a clear AI system involvement. The attack was planned and partially executed but stopped before causing harm. The AI system's use in this context is a direct factor in the attempted attack, which if successful, would have caused harm to users and systems. Since the attack was prevented and no actual harm occurred, but the risk was imminent and credible, this qualifies as an AI Hazard rather than an AI Incident. The event is not merely general AI news or a response update, so it is not Complementary Information. Therefore, the classification is AI Hazard.

The event involves an AI system explicitly described (Daybreak integrating GPT-5.5-Cyber and Codex Security) used for cybersecurity defense. There is no indication that the AI system has caused any direct or indirect harm (AI Incident), nor does the article report a credible or imminent risk of harm resulting from its use (AI Hazard). Instead, it presents the launch of a new AI product aimed at improving cybersecurity defenses, including governance measures to control access and mitigate misuse. This aligns with the definition of Complementary Information, as it provides context on AI ecosystem developments and governance responses without describing a specific incident or hazard.

The article explicitly mentions the use of AI models by hackers to generate a zero-day vulnerability, which is a direct use of AI leading to a cybersecurity threat. Although the attack was blocked before causing actual damage, the AI system's involvement in creating the exploit constitutes a direct link to a significant harm scenario (potential large-scale cyberattack). This fits the definition of an AI Incident because the AI system's use directly led to a harmful event (attempted exploitation of a zero-day vulnerability). The prevention by Google does not negate the incident classification, as the AI-generated exploit was actively developed and intended for malicious use. The article also provides evidence of AI's role in the incident, fulfilling the criteria for AI Incident rather than AI Hazard or Complementary Information.

The article explicitly confirms that AI was used by hackers to identify and create a zero-day exploit, which is a direct use of AI leading to a cyberattack attempt. The exploit targets security infrastructure (bypassing 2FA), which is a violation of security and can harm users' rights and property. The attack was actively stopped, but the AI's role in the attack development and deployment is clear and direct. Additionally, the article describes ongoing AI-enabled cyberattacks by state actors, indicating realized harm or active threats. This meets the criteria for an AI Incident rather than a hazard or complementary information.

The event involves the use of AI systems (likely large language models or similar AI tools) to generate a zero-day exploit, which is a direct AI involvement in a cyberattack method. The exploit aims to bypass security controls and gain unauthorized access, which constitutes a violation of security and potentially harms property, networks, and users. Although no actual harm occurred due to preemptive patching, the AI system's use in developing a novel exploit that could have led to significant harm qualifies this as an AI Hazard with a high risk of harm. However, since the attack was not actually deployed and no harm occurred, it is not an AI Incident. The article also discusses the broader implications and responses, but the main focus is on the detection of this AI-generated exploit method and its potential threat.

The event involves AI systems (advanced AI models like Claude Mythos) that can identify cybersecurity weaknesses in critical financial infrastructure. While the article does not report an actual cyberattack or realized harm, it highlights a credible and significant risk that these AI capabilities could be used maliciously to cause systemic failures in the global banking system, which qualifies as a plausible future harm. Therefore, this constitutes an AI Hazard rather than an AI Incident, as the harm is potential and not yet realized. The article also discusses governance and response measures, but the primary focus is on the risk posed by the AI models themselves.

The event involves an AI system (Anthropic Mythos) used in cybersecurity with capabilities that could lead to significant harm if misused (automated cyberattacks), but the article does not describe any actual harm or incident occurring. Instead, it highlights the potential risks and strategic dilemmas faced by organizations, including government agencies, in managing this AI technology. Therefore, this situation fits the definition of an AI Hazard, as the AI system's development and use could plausibly lead to AI incidents (e.g., automated cyberattacks causing harm), but no direct or indirect harm has yet been reported.

The article explicitly confirms that AI systems, specifically large language models, were used by hackers to identify and create exploit code for a zero-day vulnerability, which is a direct cause of a cybersecurity attack attempt. This fits the definition of an AI Incident because the AI system's use has directly led to a harm scenario (cyberattack exploiting a security vulnerability). The event is not merely a potential risk or future threat but a realized attack attempt involving AI. The involvement of AI in malicious cyber operations and the direct link to harm (security breach attempts) justifies classification as an AI Incident rather than a hazard or complementary information.

The article explicitly mentions the use of AI models by hackers to generate and weaponize a zero-day vulnerability, which is a direct use of AI leading to a cybersecurity threat (harm to property and potentially to communities). The attack was planned and could have caused significant harm, but was stopped by Google's team. This fits the definition of an AI Incident because the AI system's use directly led to a harmful event (or near-harm event) that was averted but clearly materialized as a threat. The involvement of AI in the development and use of the exploit is central to the event. Therefore, this is classified as an AI Incident rather than a hazard or complementary information.

Mythos is an AI system explicitly described with advanced autonomous reasoning and hacking capabilities. While the article does not report any realized harm or incidents caused by Mythos, it clearly outlines the plausible future harms that could arise from its use, such as enabling complex cyberattacks that could harm critical infrastructure or digital security. The concerns by governments and calls for regulation further support the assessment that this AI system could plausibly lead to an AI Incident. Therefore, this event fits the definition of an AI Hazard rather than an AI Incident or Complementary Information.

The event explicitly involves AI systems used by threat actors to develop zero-day exploits and automate attacks, which have either been deployed or nearly deployed, causing or threatening harm. This fits the definition of an AI Incident because the AI's use has directly or indirectly led to significant harm or risk of harm through cyberattacks. The report details actual malicious use of AI, not just potential or hypothetical risks, and describes harm prevention efforts as a response rather than the main event. Therefore, this is classified as an AI Incident.

An AI system is explicitly involved as hackers use AI to autonomously find software vulnerabilities and assist in malware creation. While no actual harm occurred due to successful interception, the event clearly indicates a credible risk of future AI-enabled cyberattacks that could disrupt critical infrastructure or cause other harms. Therefore, this qualifies as an AI Hazard because it plausibly could lead to an AI Incident, but no realized harm has yet occurred.

The event involves the use of advanced AI tools (AI systems) to identify and exploit vulnerabilities in financial and other critical infrastructure systems. Although no specific incident of harm has yet occurred, the IMF highlights a credible and plausible risk that these AI-driven cyberattacks could cause systemic financial disruptions and broader economic harm. This fits the definition of an AI Hazard, as the AI system's use could plausibly lead to significant harm to critical infrastructure and communities globally. There is no indication that harm has already materialized, so it is not an AI Incident. The article is not merely complementary information since it focuses on the risk posed by AI-enabled cyberattacks rather than updates or responses to past events.

The article explicitly mentions the use of AI in creating a hacking attack script, which was intended to bypass security measures (2FA) on a system administration tool. This constitutes the use of an AI system in the development and use of a malicious tool. The attack was blocked, but the event involves direct AI involvement in a harmful cyberattack attempt, which fits the definition of an AI Incident. The harm is related to potential breaches of security and unauthorized access, which are violations of property and potentially user rights. The event is not merely a potential hazard or complementary information; it reports a concrete AI-enabled attack attempt that was stopped, thus qualifying as an AI Incident.

The article explicitly states that AI was used in the development of a zero-day attack malware, which was detected and blocked by Google before causing harm. Since no actual harm occurred, but the AI involvement in creating a sophisticated cyberattack is confirmed and represents a credible risk of future harm, this fits the definition of an AI Hazard. The event does not qualify as an AI Incident because the attack was prevented and no injury, disruption, or violation occurred. It is not Complementary Information because the main focus is on the AI-assisted attack attempt itself, not on responses or updates to prior incidents. It is not Unrelated because AI involvement and plausible harm are clearly described.

The article explicitly mentions the use of AI in generating a zero-day exploit, which is a clear AI system involvement in the development and use of malicious code. The attack was detected and blocked, so no direct harm (such as data breach or system damage) is reported as having occurred. However, the AI-generated exploit represents a credible and significant risk of harm to cybersecurity, including potential violations of privacy and disruption of critical infrastructure if such attacks succeed. The event thus fits the definition of an AI Hazard, as it plausibly could lead to an AI Incident. The article also discusses the broader implications and calls for regulatory and research responses, reinforcing the hazard nature of the event. It is not an AI Incident because no harm has yet materialized, nor is it merely Complementary Information or Unrelated, as the AI system's role in the attack is central and the risk is concrete.

The article explicitly mentions AI being used by attackers to find vulnerabilities and attempt to bypass security, which indicates AI system involvement in the attack's development and use. However, the attack was blocked before causing damage or breach, so no direct or indirect harm has materialized. This fits the definition of an AI Hazard, as the AI system's use could plausibly lead to an AI Incident if successful, but no incident has occurred yet.

The article explicitly states that AI systems (language models) were directly involved in developing the exploit code used in a zero-day attack, which could bypass two-factor authentication and target critical corporate and financial systems. Although the attack was blocked before large-scale execution, the AI's role in the attack's creation and the potential for harm to critical infrastructure and corporate environments meets the criteria for an AI Incident. The event involves the use and malfunction (exploitation) of an AI system leading to a security breach attempt, which is a direct or indirect cause of harm. The article also discusses the broader impact on security and the shift in cybercrime tactics due to AI, reinforcing the incident classification.

The article explicitly states that AI systems (language models) were used in the development of a zero-day exploit, which is a malicious cyberattack tool. The exploit aims to bypass security mechanisms, enabling unauthorized control over critical infrastructure and data. This constitutes a direct or indirect cause of harm through AI use. The event is not merely a warning or potential risk but documents an actual exploit developed with AI assistance, thus qualifying as an AI Incident under the framework. It is not complementary information because the main focus is on the exploit's creation and its implications, not on responses or broader ecosystem context. It is not unrelated because AI involvement and harm are clearly described.

The article explicitly states that AI was used to develop a functional zero-day exploit, which was intercepted before causing harm. The exploit's design to bypass security measures and the potential for large-scale attacks constitute a direct link to harm (disruption of digital security and potential violation of rights). Although the exploit was stopped, the event involves the use and development of an AI system that directly led to a significant cybersecurity threat, fulfilling the criteria for an AI Incident. The article also discusses broader implications and future risks, but the primary event is the confirmed AI-enabled exploit development and interception, which is a realized harm scenario or near-harm scenario with direct AI involvement.

An AI system is explicitly involved as the attackers use AI to autonomously find vulnerabilities and develop malware, indicating AI system use in the attack. The event does not report actual realized harm from the AI-enabled attack (the attack was blocked before widespread exploitation), but it clearly identifies a plausible future risk of AI-driven cyber incidents that could cause harm to critical infrastructure or digital systems. Therefore, this qualifies as an AI Hazard rather than an AI Incident. The article focuses on the emerging threat and potential harm rather than a materialized incident.

The article explicitly states that hackers used AI to find and exploit software vulnerabilities, which is a direct use of AI systems in malicious cyber operations. The attempted exploitation, even if blocked, constitutes a direct or indirect harm scenario related to cybersecurity threats, which fall under disruption of critical infrastructure or harm to communities. The AI system's role is pivotal in enabling these attacks, fulfilling the criteria for an AI Incident. The event is not merely a potential risk but involves actual attempts to exploit vulnerabilities using AI, thus surpassing the threshold for an AI Hazard and qualifying as an AI Incident.

The article explicitly mentions AI systems (large language models) being used by hackers to find software vulnerabilities and develop malicious code, indicating AI system involvement in cyberattack development and use. Although the planned attack was stopped before causing damage, the event reveals a credible and emerging risk of AI-enabled cyberattacks that could lead to significant harm in the future. Since no actual harm occurred yet, but the AI system's involvement plausibly leads to incidents, this fits the definition of an AI Hazard rather than an AI Incident. The report also highlights the need for improved AI-based defensive measures, reinforcing the recognition of a credible threat.

The article explicitly states that hackers used an AI model to find an unknown vulnerability and attempt an exploit, which was detected and patched. The AI system's involvement in the attack attempt is direct and pivotal, fulfilling the criteria for an AI Incident. The harm is related to cybersecurity, which falls under disruption of critical infrastructure or harm to digital property. Although the attack was mitigated, the event still qualifies as an AI Incident due to the realized attempt and the direct role of AI in enabling it.

The article explicitly states that hackers used AI to discover and exploit a software vulnerability, which is a direct use of AI systems in a harmful cyberattack context. The attack targeted 53 institutions in 42 countries, indicating significant potential harm. Although the exploitation was blocked before a large-scale incident, the AI-enabled attack attempt itself constitutes realized harm or at least a direct attempt to cause harm. The AI system's role is pivotal in enabling the hackers to innovate and automate parts of their attack, fulfilling the criteria for an AI Incident. The event is not merely a potential risk or complementary information but a concrete case of AI misuse leading to harm or attempted harm.

The event involves AI systems explicitly used by hackers to discover vulnerabilities and develop malware, which is a clear AI system involvement. Although the planned attack was stopped before becoming a widespread incident, the use of AI in this context poses a credible risk of significant harm to property, infrastructure, and communities if such attacks succeed. Since no actual harm occurred yet but the AI use could plausibly lead to an AI Incident, this qualifies as an AI Hazard. The article does not describe realized harm but warns of the evolving threat landscape, fitting the definition of an AI Hazard rather than an Incident or Complementary Information.