John Hultquist sat behind a bank of flickering monitors at Google’s Threat Intelligence Group, detailing a new kind of digital warfare. For the first time, Google has identified a criminal hacking group using artificial intelligence to discover a previously unknown software flaw. This is not just a hack; it is the weaponization of the digital commons. North Korean state-backed actors are now using AI models to autonomously hunt for zero-day vulnerabilities, creating a mass exploitation event that threatens the security of every connected device.

The numbers are staggering. North Korean hackers are now responsible for 76 percent of all stolen cryptocurrency in 2026. They are no longer just breaking into banks; they are infiltrating the workforce. Law firms like Wilson Sonsini have issued global alerts regarding North Korean “job imposters” who use AI and deepfakes to secure remote positions at major tech firms like Apple and Amazon. These digital infiltrators are targeting HR, recruitment, and security systems to fund the reclusive nation’s missile programs.

“We have high confidence that the actor likely leveraged an AI model to support the discovery and weaponization of this vulnerability,” Hultquist said. This is the tip of the iceberg. The digital well is being poisoned by “Slopsquatting,” where hackers use AI to generate malicious code that mimics legitimate software. The working class, forced to rely on open-source tools, is being left unprotected while the tech elite hide behind gated security models like Anthropic’s Mythos.

The state has failed to secure the digital perimeter. By allowing AI models to operate without guardrails, the government has handed a superpower to the most aggressive actors on the global stage. The result is a digital landscape where nothing can be trusted and everyone is a target. Your bank account, your identity, and your security are now just variables in a North Korean algorithm.