Google's Big Sleep security AI agent foils bug exploitation

By

AI applied in more vulnerability detection scenarios.

Google has used a security-specific AI agent to detect a second critical vulnerability that was on the radar of threat actors but yet to be exploited.

Google's Big Sleep security AI agent foils bug exploitation

Its security researchers used Google's internal Big Sleep agent to detect a SQLite relational database management system critical security flaw, indexed as CVE-2025-6965, which could lead to memory corruption.

The bug was only known to threat actors, Google said, and about to be exploited before it was patched.

However, the vulnerability was fixed by SQLite before impacting users of the RDBMS.

"We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild," Kent Walker, Google and Alphabet's president of global affairs said.

The company's Project Zero researchers built Big Sleep, announced in November last year, together with Google's DeepMind AI division.

At the time, Big Sleep was able to find a vulnerability in the popular SQLite serverless relational database management system with an artificial agent, enabling the flaw to be remediated before it affected users.

Google Big Sleep schematic

Google is placing its hopes that AI will be able to find vulnerabilities that fuzzing, which involves testing through inputting random, malformed and/or unexpected data into applications, cannot uncover.

In April this year, Google introduced an experimental Sec-Gemini version 1 AI model, which is trained on security vendor Mandiant's data.

Sec-Gemini drives the open-source collaborative digital forensics platform Timesketch, which will now get agentic capabilities, Google said.

Timesketch will be demonstrated at the annual Black Hat USA security conference in Las Vegas in August, along with Google's AI-based Fast and Accurate Contextual Anomaly Detection (FACADE) which has been in use since 2018 for threat spotting.

Google also said it will donate data from its Secure AI Framework (SAIF) to the Coalition for Secure AI (CoSAI), to accelerate the organisation's agentic AI, defensive and software supply chain security workstreams.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
aigooglesecuritysqlite

Sponsored Whitepapers

Gaining a Competitive Advantage with Communication APIs
Gaining a Competitive Advantage with Communication APIs
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Service Over Signatures: The Truth About No Lock-In IT
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks

Events

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments
Top US diplomat impersonated with AI by unknown actor

Top US diplomat impersonated with AI by unknown actor
Google Gemini for Workspace vulnerable to prompt injection attacks

Google Gemini for Workspace vulnerable to prompt injection attacks
UK police arrest four over cyberattacks on M&S, Co-op and Harrods

UK police arrest four over cyberattacks on M&S, Co-op and Harrods
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?