Particle.news

Download on the App Store

Google Publishes First 20 Vulnerabilities Found by Big Sleep AI

Further technical briefings are scheduled after patches are applied under Google’s 90-day disclosure policy

Image
Google's AI tool Big Sleep has detected 20 security flaws in widely used open-source software.
Image: Murrstock/Adobe Stock
Image

Overview

  • Google has released its first public list of 20 open-source vulnerabilities discovered by Big Sleep, with technical details withheld until patches are applied under its 90-day disclosure policy.
  • Big Sleep autonomously detects and reproduces flaws before human experts validate reports to ensure accuracy and mitigate hallucinations.
  • The AI agent recently identified and thwarted a critical zero-day SQLite vulnerability rated 7.2 on the CVSS scale, preventing potential in-the-wild exploits.
  • Developed by DeepMind and Project Zero, Big Sleep accelerates high-volume testing to free human researchers for strategic cybersecurity tasks.
  • Google will present deeper analysis at Black Hat USA followed by DEF CON 33 and contribute anonymized training data to the Secure AI Framework.