Google’s in-house AI agent discovers critical vulnerability in Chrome
Google has fixed a critical vulnerability (CVE-2025-9478) in Chrome versions 139.0.7258.154/155 for Windows and macOS, and 139.0.7258.154 for Linux. The vulnerability, a use-after-free vulnerability in the Angle graphics library, has not been exploited for attacks in the wild. The vulnerability was discovered by Google's in-house AI agent, called Big Sleep, which is designed to detect security vulnerabilities without human assistance. While the findings of such AI tools should be treated with caution, in this case, Big Sleep's discovery was validated by experts. Google has also provided updates for Chrome for Android 139.0.7258.158, addressing the same vulnerabilities. Chromium-based browsers, such as Microsoft Edge, Brave, and Vivaldi, are expected to follow suit with updates in the coming days.
Source: For the complete article, please visit the original source link below.
