On May 11, 2026, Google's Threat Intelligence Group published a finding that reframed the conversation about AI agents and security: according to Bloomberg and SecurityWeek, a threat actor had used AI to develop a working zero-day exploit — a two-factor authentication (2FA) bypass — with plans to deploy it in a mass exploitation event. Google detected it before it could be used. The defensive side of this story matters. But the question it raises for any team running AI agents is more uncomfortable: if attackers can now instruct AI to autonomously find and weaponize unknown vulnerabilities, what does that same capability look like inside your own stack — and what governance do you have in place for when your AI agent discovers something it wasn't supposed to find?…