Find notable cyber news and cases, enriched with sources, timelines, and signals.

Google DeepMind CodeMender AI agent debuts to detect and patch vulnerable code

Security Tool/Service
First reported
Last updated
Happening score
H score 12
1 unique sources, 1 articles

Summary

Hide ▲

Google DeepMind launched CodeMender, an AI-powered agent that detects, patches, and rewrites vulnerable code to reduce future exploit risk. The system uses Gemini Deep Think models and an LLM-based critique tool to validate fixes and avoid regressions. DeepMind says it has already upstreamed 72 security fixes to open source projects, including codebases as large as 4.5 million lines of code. Google also plans to share CodeMender-generated patches with maintainers of critical open-source projects to keep codebases secure.

Related Happenings

ExploitBench benchmark shows frontier AI models can stage Chrome exploit chains against vulnerable V8 builds

Technical Analysis
H score16 First: 04.06.2026 16:00 Last: 04.06.2026 16:00 Sources 1

About this happening: Bugcrowd’s **ExploitBench** now shows frontier AI models can progress through staged **Google Chrome** exploit chains, raising the risk of faster **AI-assisted exploit development...

Microsoft MDASH enters limited private preview for AI-driven vulnerability discovery at scale

Security Tool/Service
H score26 First: 13.05.2026 16:46 Last: 13.05.2026 16:46 Sources 1

About this happening: Microsoft's **MDASH** has entered **limited private preview**, adding a new **AI-driven vulnerability discovery** service that can validate and prove exploitable defects at scale....

Google GTIG analysis of adversary AI use for exploit development and attack orchestration

Technical Analysis
H score33 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: **Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...

Prominent cybercrime threat actors AI-assisted zero-day exploitation campaign

Campaign
H score30 First: 11.05.2026 16:00 Last: 11.05.2026 16:00 Sources 1

About this happening: An **AI-assisted zero-day exploitation campaign** was planned by **prominent cybercrime threat actors**, but the effort was **disrupted before deployment** and did not reach its i...

Shifty Corsair evolves open-source supply-chain tradecraft with fake firms, layered packages, and AI-assisted deception

Threat Actor Meta
H score42 First: 29.04.2026 17:43 Last: 29.04.2026 17:43 Sources 1

About this happening: **Shifty Corsair** has expanded its operating model into a more convincing developer-lure ecosystem, increasing the risk of open-source supply-chain compromise against **Web3** ta...

Timeline

  1. 07.10.2025 18:18 2 articles · 9mo ago

    Google DeepMind launches CodeMender and AI VRP

    Initial Disclosure

    Google DeepMind announced CodeMender, an AI-powered agent that automatically detects, patches, and rewrites vulnerable code, using Gemini Deep Think models and a large language model (LLM)-based critique tool to validate fixes and avoid regressions. DeepMind said the system is both reactive and proactive, has already upstreamed 72 security fixes to open source projects over the past six months, and has been used on codebases as large as 4.5 million lines of code. Google also said it plans to share CodeMender-generated patches with maintainers of critical open-source projects and instituted an AI Vulnerability Reward Program (AI VRP) for AI-related issues such as prompt injections, jailbreaks, and misalignment, with rewards up to $30,000.

    Show sources