TLDR: Google’s AI cybersecurity agent, ‘Big Sleep,’ has successfully detected and prevented an imminent exploitation of a critical SQLite vulnerability (CVE-2025-6965), marking the first time an AI agent has directly foiled a real-world security threat. This breakthrough, announced by CEO Sundar Pichai, highlights AI’s growing role in proactive digital defense, alongside other new AI-powered security initiatives from Google.
In a significant leap for cybersecurity, Google has announced that its artificial intelligence agent, ‘Big Sleep,’ successfully detected and prevented the imminent exploitation of a critical SQLite vulnerability, identified as CVE-2025-6965. This incident marks a pivotal moment, as it is believed to be the first instance of an AI agent directly foiling a real-world security exploit.
Google CEO Sundar Pichai confirmed the achievement, stating on X (formerly Twitter), “New from our security teams: Our AI agent Big Sleep helped us detect and foil an imminent exploit. We believe this is a first for an AI agent – definitely not the last – giving cybersecurity defenders new tools to stop threats before they’re widespread.”
Developed by Google DeepMind and Google Project Zero, Big Sleep is an advanced AI agent designed to actively search for and identify unknown security vulnerabilities in software. The SQLite flaw it uncovered was a critical security vulnerability known only to threat actors and was on the verge of being exploited. By combining intelligence from Google Threat Intelligence with Big Sleep’s capabilities, Google was able to predict the impending use of the vulnerability and neutralize the threat proactively.
Since its initial real-world vulnerability discovery in November 2024, Big Sleep has exceeded expectations by identifying multiple flaws. Google plans to deploy Big Sleep to enhance security for widely used open-source projects, aiming for faster and more effective internet-wide security.
This breakthrough is part of Google’s broader ‘Summer of Security’ initiative, which introduces several AI-driven advancements. The company is integrating AI capabilities, powered by Sec-Gemini, into Timesketch, its open-source digital forensics platform, to accelerate incident response. Google will demonstrate this technology at Black Hat USA. Additionally, Google is showcasing FACADE (Fast and Accurate Contextual Anomaly Detection), an AI-based system that has been performing insider threat detection within Google since 2018.
At DEF CON 33, Google is partnering with Airbus for a Capture the Flag event, demonstrating how AI can augment cybersecurity professionals’ capabilities. Google is also contributing data from its Secure AI Framework (SAIF) to the Coalition for Secure AI to advance research in agentic AI, cyber defense, and software supply chain security. The final round of Google’s two-year AI Cyber Challenge with DARPA is also set to conclude next month at DEF CON 33.
Beyond global initiatives, Google is implementing region-specific measures. In India, where cybercrimes such as UPI fraud, phishing scams, and deepfakes are prevalent, Google is deploying its AI-driven tools to prevent an estimated ₹20,000 crore (approximately $2.4 billion) in annual cybercrime. This includes real-time fraud warnings on Google, enhanced deepfake detection for YouTube, and AI-driven spam call filters integrated into Android. This comprehensive approach underscores Google’s commitment to leveraging AI as a proactive force in the evolving landscape of digital security.


