Google’s AI agent “Big Sleep”, which was launched last year to search for unknown security vulnerabilities, has uncovered multiple such vulnerabilities since its launch, the search giant revealed. Most recently, it discovered CVE-2025-6965, an SQLite vulnerability which was already being exploited by malicious actors.
This is the first time that an AI agent has directly intervened to stop an in-the-wild exploit, Google believes. Google said that Big Sleep has also been deployed to try and enhance the security of widely used open-source projects. The shift to using Big Sleep to deliver proactive vulnerability prediction adds another tool to the arsenal of those fighting threat actors.
Aside from some of Big Sleep’s latest achievements, Google unveiled some new AI capabilities it has been working on to boost defenses. One of these is Timesketch, an open-source digital forensics platform that’s being enhanced with agentic capabilities powered by Sec-Gemini. This tool will be able to automate initial forensic investigations to speed up incident response.
Google also announced that it will demonstrate FACADE (Fast and Accurate Contextual Anomaly Detection) at Black Hat in August. Google has been using this tool internally since 2018 to process billions of daily security events to identify internal threats without needing historical attack data.
As part of the announcement today, Google revealed that it’s donating data from its Secure AI Framework (SAIF) to accelerate the work of the Coalition for Secure AI (CoSAI), which it helps to set up. This donation will help with CoSAI’s work on agentic AI, cyber defense, and software supply chain security.
Additionally, Google will unveil the winners of the AI Cyber Challenge with DARPA at DEF CON 33 next month. The challengers will show off new AI tools that help to find and fix vulnerabilities that can secure major open-source projects.
Hopefully, all these efforts will translate into a safer digital landscape for everybody.
Image via Depositphotos.com