“Heather Adkins, the Vice President of Google, Security, announced Monday that the LLM-based vulnerability researcher found Big Sleep and reported 20 errors in various popular open source software, ” reports techcrunch:
Adkins said that Big Sleep, which was developed by the AI Department DeepMind of the company and the Elite Team of Hackers Project Zero, reported his very first vulnerabilitiesUsually in open source software such as audio and video library FFMPEG and Imagemagick with image editing. [There’s also a “medium impact” issue in Redis]
Since the vulnerabilities have not yet been resolved, we have no details about their impact or seriousness, such as Google does not want to provide details yetWhat a standard policy is when waiting for bugs to be resolved. But the simple fact that great sleep found these vulnerabilities is important because it shows that these tools are starting to get real results, even if there was a person involved in this case.
“To ensure high quality and usable reports, we have a human expert in the loop before we report, but every vulnerability was found and reproduced by the AI agent without human intervention,” the Google Kimberly Samra spokesperson told Techcrunch.
Google’s Vice President of Engineering posted On social media this shows “a new limit in automated vulnerability discovery.”
#Google #based #bugjager #security #vulnerabilities #Slashdot