Google’s AI agent Big Sleep just stopped a major hack before it happened.
The tool, designed to find unknown software vulnerabilities, flagged a critical bug in SQLite called CVE-2025-6965. This flaw was only known to hackers and on the verge of being exploited.
Google says Big Sleep predicted the attack and shut it down preemptively. 
The bug affects SQLite, a widespread open-source database engine used by developers worldwide.
Google’s threat intelligence team first spotted suspicious activity but couldn’t identify the exact vulnerability. They passed limited info to Google’s zero day initiative, which used Big Sleep to pinpoint the flaw.
Google declined to say who the hackers were or what clues tipped them off.
Since Big Sleep launched in November, it’s found multiple real-world vulnerabilities — exceeding Google’s own expectations.
Now, Google is using Big Sleep to help secure open-source projects and calls AI agents a “game changer” for freeing security teams to tackle harder threats.
Google published a white paper detailing how they build AI agents with safeguards and transparency.
The AI bug hunting race is heating up. The US Defense Department will soon announce winners of a multi-year AI vulnerability detection competition.
Google shared more on this in their summer 2025 cybersecurity update.
A Google spokesperson told Recorded Future News:
“The limited indicators were passed along to other Google team members at the zero day initiative who leveraged Big Sleep to isolate the vulnerability the adversary was preparing to exploit in their operations,” they said.
“We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild.”
Get more insights with the Recorded Future Intelligence Cloud.
