Google’s AI Agent Big Sleep Discovers Vital Safety Vulnerability, Stated to Be a First

Google introduced on Tuesday that its synthetic intelligence (AI) agent Big Sleep lately made a significant cybersecurity breakthrough. Big Sleep, a cybersecurity-focused AI agent developed by Google DeepMind and Google Project Zero, was in a position to uncover an SQLite vulnerability within the firm’s product. The Mountain View-based tech large highlighted that the safety flaw was recognized to unhealthy actors and was vulnerable to being exploited. But earlier than the bug could possibly be used to hack into the tech large’s programs, the AI agent flagged the difficulty, and it was instantly mounted.

Big Sleep AI Agent Discovers SQLite Vulnerability

In a weblog publish, the tech large detailed the achievements of Big Sleep. Notably, the AI agent was first unveiled in 2024, and it was in a position to uncover its first real-world vulnerability in the identical yr. Google claims that since then, the security-focused agent has made a number of such discoveries. However, it didn’t discover any zero-day vulnerabilities (safety flaws that exist, however are but to be abused or exploited) until very lately.

Without specifying the timeline or the identify of the product, Google highlighted {that a} crucial SQLite vulnerability (CVE-2025-6965) was found by Big Sleep in one among its merchandise. The AI agent took motion to search for the flaw based mostly on an intelligence report from Google Threat Intelligence.

The tech large claimed that attributable to well timed identification, the corporate was in a position to repair it earlier than unhealthy actors may exploit it. Notably, the corporate claimed that that is the primary time an AI agent was capable of finding such a vulnerability in real-world circumstances. Big Sleep is now being deployed to additionally shield the safety of standard open-source initiatives, the corporate stated, with out naming any of those initiatives.

“These cybersecurity agents are a game changer, freeing up security teams to focus on high-complexity threats, dramatically scaling their impact and reach,” Google stated. Additionally, the tech large additionally printed its method in direction of constructing AI brokers in a white paper.

Notably, the search large additionally introduced that it’ll donate knowledge from its Secure AI Framework (SAIF) to assist scale the Coalition for Secure AI (CoSAI) initiative’s agentic AI, cyber defence, and software program provide chain safety workstreams. CoSAI was launched by Google in collaboration with trade companions to make sure the protected implementation of AI programs.