Google's threat intelligence team confirmed today that they disrupted a criminal group using artificial intelligence to exploit a zero-day vulnerability in another company's digital defenses. The attackers used a large language model, the same kind of technology that powers consumer chatbots, to discover the flaw and weaponize it. Google notified law enforcement, alerted the affected company, and stopped the operation before any damage was done. But the bigger story is what John Hultquist, chief analyst at Google's Threat Intelligence Group, said when describing the moment. "It's here. The era of AI-driven vulnerability and exploitation is already here." That is the world's largest cybersecurity intelligence operation declaring the AI cyber war officially started. Not predicted. Not coming soon. Started. And it lands on the same day Anthropic shipped Agent View for Claude Code, the developer-side proof that AI is no longer a chat tool but an operational layer for software work. Two stories from the same Monday. Two sides of the same coin. AI is now writing your software and breaking into it at the same time.

Here is what we know from Google's disclosure today.

The attack was real and active. Google's threat intelligence team found a criminal group attempting to use AI to exploit a previously unknown vulnerability in a real company. This was not a research test. This was not a tabletop exercise. Live attackers. Live exploit. Live target. The kind of breach that costs companies millions in ransomware payouts or data theft.

The disruption worked. Google traced the attackers' footprints and was able to stop the operation before damage occurred. But while investigating, they found something troubling. Evidence in the attack chain showed the hackers had used a large language model to actually discover the vulnerability. Not just write phishing emails. Not just generate fake content. Find the flaw itself.

The model was not Gemini or Claude Mythos. Google explicitly stated that the AI used was most likely not their own Gemini or Anthropic's Claude Mythos. Both companies have controls in place to prevent exactly this kind of misuse. The implication is significant. The attackers used either an open-source model, a stolen frontier model, or a less-guarded commercial model. Whatever they used, the safety guardrails did not stop them.

The attribution is murky on purpose. Google declined to identify the criminal group, the affected company, or the specific AI model. What they did say is that groups tied to China and North Korea have been exploring similar techniques. But this particular attack did not appear to be state-sponsored. It was criminal. Which is in some ways worse, because criminal hackers move faster than government spies and have stronger incentives to scale up fast.

The "It's here" quote is going to define this era. John Hultquist's words today will be the line every cybersecurity report quotes for the next decade. The era of AI-driven vulnerability and exploitation is already here. Not predicted. Not theoretical. Caught in the wild. Disrupted by Google. Confirmed today.

Because everything else was forecasting and this is reporting.

For months we have been writing about Mythos. About the UK NHS walling off GitHub. About the Pentagon refusing to do business with Anthropic over Mythos concerns. About David Sacks predicting that every frontier model would have Mythos-level cyber capabilities within six months. About the White House drafting executive orders to vet AI models before release.

All of that was preparation for a future that had not arrived.

Today the future arrived. Google did not write a research paper. Google did not host a conference panel. Google caught attackers in the act and disclosed it publicly with their threat intelligence team's lead analyst telling the world that this is now the default reality.

The implications are massive. Every company on earth running software now operates in a world where attackers have AI assistance. The asymmetry between human defenders and AI attackers just became real. Defenders have to harden trillions of lines of legacy code while attackers can use AI to scan all of it at machine speed looking for weaknesses. This is the moment cybersecurity stops being primarily a human discipline and becomes primarily an AI-versus-AI discipline.

Some Cool Stuff Worth Noting

While Google was disclosing the AI cyber war, Anthropic shipped one of the most useful developer features Claude Code has had all year. Agent View. Available today as a research preview for Pro, Max, Team, Enterprise, and Claude API plans.

Here is what it does. Agent View is a single command-line dashboard that shows every Claude Code session you have running. Each row shows the session, its current state, when it last did something, and whether it is working, waiting for input, completed, failed, idle, or stopped. Run claude agents from any session and you get the full roster. Move sessions into the background with /bg. Launch new background jobs with claude --bg. Peek at the latest turn with spacebar. Reply inline. Jump into the full transcript with Enter.

For developers running multiple Claude Code sessions across different repos and tasks, this fixes the biggest workflow pain point that has existed for the last six months. You used to manage parallel coding sessions with terminal tabs, tmux panes, or just keeping a mental model of which Claude was doing what. Now you have one dashboard.

The strategic framing is what matters. Anthropic is no longer pitching Claude Code as a chat-driven coding tool. They are pitching it as an agent operations layer for software teams. Agent View, subagents, agent teams, skills, hooks, Remote Control, scheduled prompts, Claude Code on the web. All of it adds up to a vision where Claude Code is the control plane for AI-driven software work. Not a chatbot that helps you write code. A system that runs many parallel agents that write code while you supervise.

Requires Claude Code v2.1.139 or later. Opt in by running claude agents. Standard rate limits apply.

If you run a company with software systems, the AI cybersecurity threat is no longer theoretical. Talk to your security team this week. Ask what AI-driven attack detection looks like in your environment. Ask whether you have visibility into the kind of attack Google caught today. If the answer is unclear, that is the answer.

If you work in cybersecurity, you already knew this was coming. Today is the day to brief your executive team with Google's quote on screen. "It's here." That should accelerate every budget request and tool purchase you have been trying to push through.

If you build with Claude Code, Agent View is a real productivity unlock. If you have been running three or four sessions in parallel and switching between them in terminal tabs, install v2.1.139 today and try claude agents. The workflow improvement is significant.

If you watch the AI race, today reinforces the trend. AI is no longer a single thing happening in chat interfaces. It is happening on offense in criminal operations, on defense in cybersecurity teams, on workstations in developer terminals, in cloud data centers, and increasingly inside everyday consumer products. The technology has fragmented across every layer of computing and is changing the rules of every layer simultaneously.

Google confirmed today that criminal hackers used AI to exploit a zero-day vulnerability in a real company. John Hultquist of Google Threat Intelligence said the era of AI-driven vulnerability and exploitation is already here. The AI used was not Gemini or Claude Mythos. China and North Korea-linked groups are exploring similar techniques. Google disrupted the operation before damage was done but the precedent is real. The AI cyber war officially started in public view today. Anthropic also shipped Agent View for Claude Code today, a unified dashboard for every coding session, available as a research preview for Pro, Max, Team, Enterprise, and API plans. AI is writing your software. AI is breaking into your software. Both are happening on the same Monday. The era we have been warning about for the last six weeks just officially became the era we are living in.

Claude Code Agent Mode 👉 Here

Stay building. 🤖