John Hultquist, chief analyst at Google Threat Intelligence Group, revealed on Monday that the iceberg has finally hit the hull. For the first time, Google has identified criminal hackers using artificial intelligence to hunt for “zero-day” software flaws at scale. The machines are now writing the malware, and they are doing it with terrifying efficiency.

At the same time, North Korean “job imposters” are infiltrating Silicon Valley’s biggest names. Using deepfakes and AI-forged identities, these state-backed actors are applying for remote roles at Apple, Google, and Amazon. They aren’t just hacking the systems; they are applying for HR benefits. Law firm Wilson Sonsini has issued a global alert, advising firms to ask applicants about “local landmarks and weather” to catch the bots in the hiring pool.

“We have high confidence that the actor likely leveraged an A.I. model to support the discovery and weaponization of this vulnerability,” Google’s report stated. The hackers are handing the boring parts of cyber-warfare—the hunting and the coding—to the algorithms. It is the “Vibe Coding” revolution applied to digital terrorism.

This paper identifies a new luxury: the verified biological employee. In an age where 76 percent of all 2026 crypto thefts are credited to Pyongyang’s hackers, the cost of human trust has skyrocketed. Remote work, once the ultimate perk, is becoming a security liability that only the most reckless firms will afford.

The thread linking these breaches is the total collapse of digital reality. When an AI can find a software bug and a deepfake can pass a job interview, the internet becomes an unvetted slum. The only way to ensure you are talking to a human is to be in the same room. Physical presence is no longer a chore; it is the ultimate security feature.