Google’s DeepMind introduced CodeMender, an AI agent that not only detects software vulnerabilities but rewrites code to fix root causes, claiming 72 upstreamed security patches across major open-source projects. The system uses Google’s Gemini models and an LLM-based critique loop to validate changes and avoid regressions, and will be piloted with maintainers of critical codebases. Google also expanded its security posture with an AI Vulnerability Reward Program offering up to $30,000 for issues such as prompt injection and jailbreaks, while updating its Secure AI Framework to address agentic risks. The moves underscore Big Tech’s push to automate software defense amid rising threats from cybercriminals and state-backed actors—and follow industry concerns about model misbehavior flagged by rivals such as Anthropic.
Related articles:
— OWASP Top 10 for LLM Applications
— NIST AI Risk Management Framework