Home
Ai
Ai News
Google’s AI Agent Big Sleep Discovers Critical Security Vulnerability, Said to Be a First

Google’s AI Agent Big Sleep Discovers Critical Security Vulnerability, Said to Be a First

Google’s Big Sleep agent discovered an SQLite vulnerability that was at risk of being exploited.

Written by Akash Dutta, Edited by Siddharth Suvarna | Updated: 17 July 2025 16:31 IST

Google’s AI Agent Big Sleep Discovers Critical Security Vulnerability, Said to Be a First

Photo Credit: Unsplash/FlyD

Google has released a white paper about Big Sleep to highlight how it is building AI agents for security

Highlights

Google said the vulnerability was known to bad actors
The AI agent is also being deployed for open-source projects
Big Sleep found the first security flaw in November 2024

Google announced on Tuesday that its artificial intelligence (AI) agent Big Sleep recently made a major cybersecurity breakthrough. Big Sleep, a cybersecurity-focused AI agent developed by Google DeepMind and Google Project Zero, was able to discover an SQLite vulnerability in the company's product. The Mountain View-based tech giant highlighted that the security flaw was known to bad actors and was at risk of being exploited. But before the bug could be used to hack into the tech giant's systems, the AI agent flagged the issue, and it was immediately fixed.

Big Sleep AI Agent Discovers SQLite Vulnerability

In a blog post, the tech giant detailed the achievements of Big Sleep. Notably, the AI agent was first unveiled in 2024, and it was able to discover its first real-world vulnerability in the same year. Google claims that since then, the security-focused agent has made several such discoveries. However, it did not find any zero-day vulnerabilities (security flaws that exist, but are yet to be abused or exploited) till very recently.

Without specifying the timeline or the name of the product, Google highlighted that a critical SQLite vulnerability (CVE-2025-6965) was discovered by Big Sleep in one of its products. The AI agent took action to look for the flaw based on an intelligence report from Google Threat Intelligence.

Meta Said to Have Fixed a Bug That Could Leak Users' Private AI Chats

The tech giant claimed that due to timely identification, the company was able to fix it before bad actors could exploit it. Notably, the company claimed that this is the first time an AI agent was able to find such a vulnerability in real-world conditions. Big Sleep is now being deployed to also protect the security of popular open-source projects, the company said, without naming any of these projects.

“These cybersecurity agents are a game changer, freeing up security teams to focus on high-complexity threats, dramatically scaling their impact and reach,” Google said. Additionally, the tech giant also published its approach towards building AI agents in a white paper.

Notably, the search giant also announced that it will donate data from its Secure AI Framework (SAIF) to help scale the Coalition for Secure AI (CoSAI) initiative's agentic AI, cyber defence, and software supply chain security workstreams. CoSAI was launched by Google in collaboration with industry partners to ensure the safe implementation of AI systems.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Google, AI agent, AI, Artificial Intelligence, Cybersecurity

Akash Dutta Email Akash Dutta

Akash Dutta is a Chief Sub Editor at Gadgets 360. He is particularly interested in the social impact of technological developments and loves reading about emerging fields such as AI, metaverse, and fediverse. In his free time, he can be seen supporting his favourite football club - Chelsea, watching movies and anime, and sharing passionate opinions on food. More