Google AI Agent Big Sleep Finds First Security Flaw Autonomously

Most of the stories that have been going around lately have AI playing an envious part. It’s not always the bad guy; sometimes it’s the cautious ally you want to slap across the nose.

This is a heart-warming tale about an AI that, in reality, saved the day and didn’t get all smarmy about it while also, some believe, displacing a number of humans from their jobs. Google claims that its “Big Sleep” AI agent just accomplished a first for the world: identifying an imminent cyberattack and thwarting it before it could happen.

A SQLite vulnerability that could be exploited was found by Google’s Big Sleep agent and this can be risky.

Big Sleep, Google’s artificial intelligence (AI) agent, recently achieved a significant cybersecurity advance, the company said Tuesday. An SQLite vulnerability in the company’s product was found by Big Sleep, an AI agent with a cybersecurity focus created by Google DeepMind and Google Project Zero. The IT giant with headquarters in Mountain View emphasized that malicious actors were aware of the security flaw and that it might be exploited. However, the AI agent detected the problem and rectified it right away before the hacker could use it to access the tech giant’s networks.

The tech giant described Big Sleep’s accomplishments in a blog post earlier this month. It is noteworthy that the AI agent discovered its first real-world vulnerability in 2024, the same year it was originally introduced. The security-focused agent has since made a number of these findings, according to Google. But until recently, it was unable to identify any zero-day vulnerabilities—security holes that are present but have not yet been misused or exploited.

Google noted that Big Sleep had found a critical SQLite vulnerability (CVE-2025-6965) in one of its products, but it did not provide a timeframe or the product’s name. Based on an intelligence assessment from Google Threat Intelligence, the AI agent started searching for the defect.

“Google was able to actually predict that a vulnerability was going to be used imminently and we were able to cut it off beforehand through the combination of threat intelligence and Big Sleep,” Google stated.

Google declared that it was able to address the issue before malicious actors could take advantage of it because of prompt identification. Notably, the business asserted that this is the first instance of an AI agent identifying such a vulnerability under actual circumstances. The business stated, without identifying any of the projects, that Big Sleep is currently being used to safeguard the security of well-known open-source initiatives.

Google claimed that these cybersecurity agents are revolutionary because they allow security teams to concentrate on high-complexity threats, significantly increasing their impact and reach. The tech giant also released a white paper outlining its strategy for creating AI bots.

Notably, the search giant also revealed that it will help with data from its Secure AI Framework (SAIF) to support the expansion of the agentic AI, cyber defense, and software supply chain security workstreams of the Coalition for Secure AI (CoSAI) effort. Google, along with industry partners, established CoSAI to guarantee the safe deployment of AI systems.

Big Sleep is new, but it’s not new. As Google stated, “by November 2024, Big Sleep was able to find its first real-world security vulnerability, demonstrating the immense potential of AI to plug security holes before they impact users.” Google made the announcement last year.

However, that was not the same as blocking a coming attack. The clock is ticking when it comes to recognize and stop a possible attack, and the AI’s job is likely to be much more difficult and pressing.

Well done. Good news is good news, even while it doesn’t reverse all of the recent negative publicity that AI agents have received—much of it well-deserved.