Google’s AI Agent ‘Big Sleep’ Flags 20 Vulnerabilities in Open-Source Software

admin


Google has announced that its AI-based “Big Sleep” system has reported its first 20 vulnerabilities. Heather Adkins, Vice President of Security at Google, said in a post on X: “Today, as part of our commitment to transparency in this space, we are proud to announce that we have reported the first 20 vulnerabilities discovered using our AI-based ‘Big Sleep’ system powered by Gemini.”

Big Sleep was developed by Google’s AI division DeepMind, in collaboration with its elite team of hackers, Project Zero. The reported vulnerabilities were found mostly in open-source software, including the image editing suite ImageMagick and the audio/video library FFmpeg.

Royal Hansen, Vice President of Engineering at Google, said the findings demonstrate “a new frontier in automated vulnerability discovery.”

“Our AI agent found a series of vulnerabilities in widely used & reviewed software, demonstrating a new frontier in automated vulnerability discovery,” he wrote on X.

Tools powered by large language models (LLMs) that can detect and report vulnerabilities are already in use. Alongside Big Sleep, other LLM-powered tools capable of identifying vulnerabilities include XBOW and RunSybil.
