Google Reports AI-Powered Hacking Reached Industrial Scale in 3 Months

Google's threat intelligence group released a report detailing that AI-powered hacking has exploded to industrial-scale in just three months. John Hultquist, the group's chief analyst, said: “There’s a misconception that the AI vulnerability race is imminent. The reality is that it’s already begun.”
Criminal groups and state-linked actors from China, North Korea, and Russia are widely using commercial models—including Gemini, Claude, and OpenAI tools—to refine and scale up attacks. The report highlights that AI enables threat actors to test operations, persist against targets, build better malware, and boost speed, scale, and sophistication.
Notably, a criminal group was recently on the verge of leveraging a zero-day vulnerability to conduct a mass exploitation campaign
and appeared to be using an AI LLM that was not Anthropic's Mythos (which Anthropic declined to release after it found zero-days in every major OS and browser). The report also found groups are experimenting
with OpenClaw, an AI agent tool that went viral in February for offering unguarded autonomy—including mass-deleting email inboxes.
Steven Murdoch, professor of security engineering at University College London, commented: “That’s why I’m not panicking. In general we have reached a stage where the old way of discovering bugs is gone, and it will now all be LLM-assisted.”
Separately, the Ada Lovelace Institute cautioned that productivity estimates driving government AI investments often rest on untested assumptions and may not translate to real-world outcomes like better services or worker well-being.
📖 Read the full source: HN AI Agents
👀 See Also

AI Agent Guardrails Decay Over Time Without Active Maintenance
AI agent guardrails degrade over time as system prompts accumulate updates, model versions change, and new tools are added, often resulting in contradictory or ignored safety rules that require regular review and testing.

ClawGuard: Open-Source Security Gateway for OpenClaw API Credential Protection
ClawGuard is a security gateway that sits between AI agents and external APIs, using dummy credentials on the agent machine while storing real tokens separately. It provides Telegram approval for sensitive calls and maintains an audit trail of requests.

AI Agent Production Deletion Incidents: The Pattern and the Fix
Production deletion incidents from PocketOS, Replit, and Cursor share a common access pattern. Fix: agents get no production credentials; all changes flow through CI/CD with a policy-scoring gate.

NanoClaw's Security Model for AI Agents: Container Isolation and Minimal Code
NanoClaw implements a security architecture where each AI agent runs in its own ephemeral container with unprivileged user access, isolated filesystems, and explicit mount allowlists. The codebase is deliberately minimal at around one process and a handful of files, relying on Anthropic's Agent SDK instead of reinventing functionality.