DeepMind's latest AI tool wants to detect and repair software vulnerabilities before they get attacked
Date:
Tue, 07 Oct 2025 23:28:00 +0000
Description:
CodeMender uses AI to automatically detect and fix software vulnerabilities across large open source projects, reducing developer workloads.
FULL STORY
======================================================================
CodeMender automatically generates AI-reviewed security patches for open source projects
Google DeepMind says CodeMender reduces vulnerability workloads through code validation
DeepMind plans wider developer release once CodeMender's reliability is confirmed
Google DeepMind has revealed CodeMender, an artificial intelligence agent it says can automatically detect and fix software vulnerabilities before they are exploited by hackers.
Google's AI research arm says the new tool can secure open source projects by generating patches which can be applied once they've been reviewed by human researchers.
CodeMender builds on DeepMind's Gemini Deep Think model and uses multiple analysis tools, including fuzzing, static analysis, and differential testing, to identify root causes of bugs and prevent regressions.
Helping not replacing humans
Raluca Ada Popa, senior staff research scientist at DeepMind, and John Four Flynn, its vice president of security, said the system had already delivered dozens of fixes.
"Over the past six months that we've been building CodeMender, we have already upstreamed 72 security fixes to open source projects, including some as large as 4.5 million lines of code," Popa and Flynn wrote in a DeepMind blog post.
The company says CodeMender can act both reactively and proactively, repairing discovered flaws and rewriting code to remove classes of vulnerabilities entirely.
The system should ultimately be able to reduce the security maintenance workload by validating its own patches before sending them for human review.
The review step is something that Google is keen to stress, noting CodeMender isn't there to replace humans, but rather to act as a helpful agent and expand the increasing volume of vulnerabilities that automated systems can detect.
In one case, the team says CodeMender automatically applied -fbounds-safety annotations to parts of the libwebp image compression library, a step DeepMind claims would have prevented past exploits.
The annotations force the compiler to check buffer boundaries, lowering the risk of overflow-based attacks.
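What such an annotation looks like, as an added example that is not from the article, DeepMind or libwebp: `struct table`, `table_store` and `table_fill` are constructed names, and `__counted_by` is the Clang -fbounds-safety annotation supplied by `<ptrcheck.h>`. The explicit range test stands in for the check the compiler inserts, so the file behaves the same when built without the flag.

```c
#include <stddef.h>
#include <stdint.h>

/* <ptrcheck.h> comes with -fbounds-safety toolchains and defines
   __counted_by; elsewhere the annotation expands to nothing. */
#if defined(__has_include)
#  if __has_include(<ptrcheck.h>)
#    include <ptrcheck.h>
#  endif
#endif
#ifndef __counted_by
#  define __counted_by(n)
#endif

/* Constructed type: the pointer's valid extent is tied to len. */
struct table {
    size_t len;
    uint8_t *__counted_by(len) slots;
};

/* Store value at an index taken from untrusted input. The range test is
   the check -fbounds-safety has the compiler insert (and trap on) for
   t->slots[idx]. Returns 0 on success, -1 if idx is outside the table. */
int table_store(struct table *t, size_t idx, uint8_t value)
{
    if (idx >= t->len)
        return -1;
    t->slots[idx] = value;
    return 0;
}

/* Apply (index, value) byte pairs; stop at the first rejected index.
   Returns the number of pairs stored. */
size_t table_fill(struct table *t, const uint8_t *__counted_by(n) in, size_t n)
{
    size_t stored = 0;
    for (size_t i = 0; i + 1 < n; i += 2, stored++)
        if (table_store(t, in[i], in[i + 1]) != 0)
            break;
    return stored;
}

int main(void)
{
    uint8_t slots[4] = {0};
    struct table t = { .len = sizeof slots, .slots = slots };
    const uint8_t in[] = {0, 10, 3, 30, 4, 40, 1, 11}; /* constructed; index 4 is past the end */
    return table_fill(&t, in, sizeof in) == 2 ? 0 : 1;
}
```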
The developers also acknowledge the growing use of AI by malicious actors and argue that defenders need equivalent tools.
DeepMind plans to expand testing with open source maintainers and, once its reliability is properly proven, hopes to release CodeMender for wider developer use.
Google has also revised its Secure AI Framework and launched a new Vulnerability Reward Program for AI-related flaws.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/deepminds-latest-ai-tool-wants-to-detect-and-repair-software-vulnerabilities-before-they-get-attacked
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)