In a noteworthy development, Google’s AI security agent, Big Sleep, has recently identified a previously hidden flaw in SQLite, designated as CVE-2025-6965. This vulnerability had been actively exploited by hackers, underscoring the proactive capabilities of AI in cybersecurity. The discovery was made possible through insights from the Google Threat Intelligence Group, highlighting the potential of AI to detect and address security issues before they escalate.
Enhancements to Google’s open-source forensics tool have also been introduced, as it now operates on the upgraded Sec-Gemini platform. This advancement allows for more efficient log analysis and sharper threat detection, significantly reducing the workload for security analysts and expediting incident response times. A live demonstration of these capabilities is anticipated at the upcoming Black Hat USA conference.
FACADE: Google’s secret insider threat catcher
In addition to Big Sleep, Google is set to unveil FACADE, its insider threat detection system, which has been diligently monitoring billions of daily events since 2018. Utilizing a machine learning technique known as contrastive learning, FACADE does not rely on historical attack data to identify anomalies, making it a powerful tool in the realm of cybersecurity.
At DEF CON 33, Google will co-host a Capture the Flag (CTF) event in collaboration with Airbus, where participants will engage with AI assistants to solve various security challenges. This innovative approach brings AI directly into the hands of security professionals and enthusiasts, fostering a collaborative environment for tackling cybersecurity issues.
Moreover, Google is committed to advancing safer AI development by contributing data from its Secure AI Framework (SAIF) to the Coalition for Secure AI (CoSAI). This initiative aims to enhance research in areas such as agentic AI, software supply chain security, and overall cyber defense, building on efforts initiated at last year’s Aspen Security Forum.
Looking ahead, the conclusion of the AI Cyber Challenge (AIxCC), a DARPA-led competition supported by Google, is on the horizon. The competition’s winners will showcase innovative AI tools designed to identify and rectify vulnerabilities in major open-source software, marking a significant stride towards proactive digital defense.
