Popular open-source web-based system administration tool zero-day 2FA-bypass security flaw
Vulnerability
Summary
Hide ▲
Show ▼
An AI-assisted zero-day in a popular open-source web-based system administration tool created a 2FA-bypass risk before the flaw was closed by the vendor. GTIG said the issue was contained before operational exploitation, limiting immediate exposure. The case matters because it shows AI-assisted weaponization of a previously unknown weakness in an internet-facing admin platform.
Related Happenings
OpenAI ChatGPT Atlas BioShocking fix
Advisory/Mitigation
H score34
First: 01.07.2026 00:50
Last: 01.07.2026 00:50
Sources 1
About this happening:
OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...
OpenAI ChatGPT Atlas BioShocking fix
Advisory/MitigationAbout this happening: OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...
GC3 AI hackathons for government code remediation
Public Sector Action
H score28
First: 15.06.2026 12:30
Last: 15.06.2026 12:30
Sources 1
About this happening:
**GC3** ran weekly AI hackathons that uncovered and helped remediate **407 vulnerabilities** across **nine UK government departments**, reducing exploitable risk in public-sector...
GC3 AI hackathons for government code remediation
Public Sector ActionAbout this happening: **GC3** ran weekly AI hackathons that uncovered and helped remediate **407 vulnerabilities** across **nine UK government departments**, reducing exploitable risk in public-sector...
Open-source admin tool zero-day 2FA bypass exploitation wave
Exploitation Wave
H score6
First: 11.05.2026 18:45
Last: 11.05.2026 18:45
Sources 1
About this happening:
Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...
Open-source admin tool zero-day 2FA bypass exploitation wave
Exploitation WaveAbout this happening: Google identified a **mass vulnerability exploitation operation** using a **zero-day 2FA bypass** against a **popular open-source, web-based system administration tool**, creating...
Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign
Campaign
H score30
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
How related:
Published on May 11, the GTIG AI Threat Tracker report said that “prominent” cybercrime threat actors partnered to plan a mass vulnerability exploitation operation.
About this happening:
An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...
Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign
CampaignHow related: Published on May 11, the GTIG AI Threat Tracker report said that “prominent” cybercrime threat actors partnered to plan a mass vulnerability exploitation operation.
About this happening: An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...
Google GTIG analysis of adversary AI use for exploit development and attack orchestration
Technical Analysis
H score33
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
**Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...
Google GTIG analysis of adversary AI use for exploit development and attack orchestration
Technical AnalysisAbout this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...
Timeline
-
11.05.2026 16:00 2 articles · 1mo ago
GTIG warns of AI-assisted zero-day against an admin tool
Initial DisclosureGoogle Threat Intelligence Group said it saw the first evidence of a threat actor using AI to identify and weaponize a zero-day vulnerability to bypass two-factor authentication (2FA) protections on a popular open-source, web-based system administration tool, and said it worked with the system admin tool vendor to close the flaw and disrupt the campaign before exploitation.
Show sources
- Hackers Observed Using AI to Develop Zero-Day for the First Time — www.infosecurity-magazine.com — 11.05.2026 16:00
- Hackers Observed Using AI to Develop Zero-Day for the First Time — www.infosecurity-magazine.com — 11.05.2026 16:00