Google's AI Agent 'Big Sleep' Thwarts Cyberattack Before It Happens, Marking a Milestone in AI-Driven Cybersecurity

Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act

Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an artificial intelligence (AI) agent that was launched by Google last year as part of a collaboration between DeepMind and Google Project Zero. "An attacker who can inject arbitrary SQL statements into an application might be able to cause an integer overflow resulting in read off the end of an array," SQLite project maintainers said in an advisory. The tech giant described CVE-2025-6965 as a critical security issue that was "known only to threat actors and was at risk of being exploited." Google did not reveal who the threat actors were. "Through the combination of threat intelligence and Big Sleep, Google was able to actually predict that a vulnerability was imminently going to be used and we were able to cut it off beforehand," Kent Walker, President of Global Affairs at Google and Alphabet, said. "We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild." In October 2024, Big Sleep was behind the discovery of another flaw in SQLite, a stack buffer underflow vulnerability that could have been exploited to result in a crash or arbitrary code execution. Coinciding with the development, Google has also published a white paper to build secure AI agents such that they have well-defined human controllers, their capabilities are carefully limited to avoid potential rogue actions and sensitive data disclosure, and their actions are observable and transparent. "Traditional systems security approaches (such as restrictions on agent actions implemented through classical software) lack the contextual awareness needed for versatile agents and can overly restrict utility," Google's Santiago (Sal) Díaz, Christoph Kern, and Kara Olive said. "Conversely, purely reasoning-based security (relying solely on the AI model's judgment) is insufficient because current LLMs remain susceptible to manipulations like prompt injection and cannot yet offer sufficiently robust guarantees." To mitigate the key risks associated with agent security, the company said it has adopted a hybrid defense-in-depth approach that combines the strengths of both traditional, deterministic controls and dynamic, reasoning-based defenses. The idea is to create robust boundaries around the agent's operational environment so that the risk of harmful outcomes is significantly mitigated, specifically malicious actions carried out as a result of prompt injection. "This defense-in-depth approach relies on enforced boundaries around the AI agent's operational environment to prevent potential worst-case scenarios, acting as guardrails even if the agent's internal reasoning process becomes compromised or misaligned by sophisticated attacks or unexpected inputs," Google said. "This multi-layered approach recognizes that neither purely rule-based systems nor purely AI-based judgment are sufficient on their own."

Google's AI agent 'Big Sleep' just stopped a cyberattack before it started

Google's AI agent, dubbed Big Sleep, has achieved a cybersecurity milestone by detecting and blocking an imminent exploit in the wild -- marking the first time an AI has proactively foiled a cyber threat. Developed by Google DeepMind and Project Zero, Big Sleep identified a critical vulnerability in SQLite (CVE-2025-6965), an open-source database engine, that was on the verge of being exploited by malicious actors, allowing Google to patch it before damage occurred. "We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild," the company said. Why it matters: As cyberattacks surge -- costing businesses trillions annually -- this breakthrough shifts defense from reactive patching to AI-driven prediction and prevention. It gives security teams a powerful new tool to stay ahead of hackers, potentially saving devices and data worldwide. CEO Sundar Pichai called it "a first for an AI agent -- definitely not the last" according to Live Mint. Recommended Videos Go deeper: Big Sleep isn't just a one-trick pony; since November 2024, it's uncovered multiple real-world flaws in open-source software, scaling human expertise to scan vast codebases autonomously. In this case, aided by Google Threat Intelligence, it spotted the SQLite flaw -- known only to threats -- and enabled a swift fix. Google emphasizes safeguards like human oversight and privacy protections in its deployment. Beyond Big Sleep, Google's ramping up AI security: Timesketch now uses Sec-Gemini for automated forensics, FACADE detects insider threats via billions of events, and partnerships like the AI Cyber Challenge with DARPA aim to crowdsource more innovations.

Google's AI Agent Finds a Critical Security Flaw in SQLite | AIM

Google also stated that this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild. Google revealed on July 15 that Big Sleep, its AI agent that finds unknown security vulnerabilities, recently discovered a critical security flaw in SQLite. The vulnerability was only known to threat actors and was at risk of being exploited. "Through the combination of threat intelligence and Big Sleep, Google was able to predict that a vulnerability was imminently going to be used, and we were able to cut it off beforehand," the company said. Google also stated that this is the first time an AI agent has been used to foil efforts to exploit a vulnerability in the wild directly. The vulnerability, tracked as SQL CVE-2025-6965, was described as "an attacker who can inject arbitrary SQL statements into an application might be able to cause an integer overflow resulting in read off the end of an array". Google Big Sleep was announced last year and was developed by Google DeepMind and Google Project Zero. Last November, it was able to find its first real-world security vulnerability. Moreover, Google announced new AI security features on the same day. The company is enhancing Timesketch, its open-source digital forensic platform, with agentic capabilities. This will speed up incident response by automating the initial forensic investigation using AI. "We have always believed in AI's potential to make the world safer, but over the last year, we have seen real leaps in its capabilities, with new tools redefining what lasting and durable cybersecurity can look like," Google stated.

How AI agent Big Sleep became Google's secret cyber watchdog

Google's AI agent Big Sleep has blocked a cyber exploit before hackers could use it, marking a first for proactive artificial intelligence in digital security. CEO Sundar Pichai confirmed the breakthrough, saying the tool stopped an imminent attack targeting SQLite. Built by DeepMind and Project Zero, Big Sleep now protects Google's systems and open-source software. The company says this success points to a future where AI hunts threats before they hit, freeing human experts to tackle tougher risks.