Google has released a critical security update for the Stable channel of Chrome, addressing a use-after-free vulnerability in ANGLE, the graphics engine that underpins WebGL and other rendering tasks. The flaw, tracked as CVE-2025-9478, was discovered on August 11, 2025, not by a human researcher but by Big Sleep, Google’s AI-powered vulnerability discovery agent.
First announced in 2024, Big Sleep was developed by Google DeepMind in collaboration with Project Zero. Its mission: proactively discover security flaws before attackers exploit them. By November 2024, Big Sleep had already found its first real-world vulnerability, proving that AI could meaningfully augment human-led security research.
Google explains, “Last year, we announced Big Sleep, an AI agent developed by Google DeepMind and Google Project Zero, that actively searches and finds unknown security vulnerabilities in software. By November 2024, Big Sleep was able to find its first real-world security vulnerability, showing the immense potential of AI to plug security holes before they impact users.”
Since then, the AI has exceeded expectations, uncovering multiple real-world flaws across widely deployed software.
CVE-2025-9478 is not the first critical bug attributed to Big Sleep. Earlier this year, the agent played a pivotal role in thwarting an attempted exploitation of SQLite (CVE-2025-6965). The company added, “We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild.”
The newly patched flaw in ANGLE (Almost Native Graphics Layer Engine) is particularly concerning because ANGLE is central to how Chrome renders graphics across multiple platforms. A use-after-free vulnerability in this component could allow attackers to achieve remote code execution via malicious web content, potentially taking control of systems.
By patching it quickly, Google reduced the risk of widespread exploitation. However, details remain restricted until the majority of users are updated. As the Chrome team notes, “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.”