Google’s AI agent, dubbed Big Sleep, has achieved a cybersecurity milestone by detecting and blocking an imminent exploit in the wild—marking the first time an AI has proactively foiled a cyber threat. Developed by Google DeepMind and Project Zero, Big Sleep identified a critical vulnerability in SQLite (CVE-2025-6965), an open-source database engine, that was on the verge of being exploited by malicious actors, allowing Google to patch it before damage occurred. “We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild,” the company said.
Why it matters: As cyberattacks surge—costing businesses trillions annually—this breakthrough shifts defense from reactive patching to AI-driven prediction and prevention. It gives security teams a powerful new tool to stay ahead of hackers, potentially saving devices and data worldwide. CEO Sundar Pichai called it “a first for an AI agent—definitely not the last” according to Live Mint.
Go deeper: Big Sleep isn’t just a one-trick pony; since November 2024, it’s uncovered multiple real-world flaws in open-source software, scaling human expertise to scan vast codebases autonomously. In this case, aided by Google Threat Intelligence, it spotted the SQLite flaw—known only to threats—and enabled a swift fix. Google emphasizes safeguards like human oversight and privacy protections in its deployment. Beyond Big Sleep, Google’s ramping up AI security: Timesketch now uses Sec-Gemini for automated forensics, FACADE detects insider threats via billions of events, and partnerships like the AI Cyber Challenge with DARPA aim to crowdsource more innovations.