Google has reported a significant increase in the number of vulnerabilities discovered in its Chrome browser, with 100 vulnerabilities identified in the advisory published on May 5, attributed likely to the company’s use of artificial intelligence (AI). This marks a notable rise from just a handful reported in late March and early April, and the tech giant has acknowledged that advancements in AI have enabled its teams to remediate risks more effectively. Other major organizations, such as Mozilla and Microsoft, have also experienced increases in the discovery of vulnerabilities using AI tools, highlighting a broader trend in the tech industry where internal and third-party AI systems are being leveraged to accelerate security research and improve code protection measures.
Google: Google is a leading technology company that develops and maintains the Chrome web browser along with a wide range of software and AI products. The company has been actively building internal AI tools for security research, including efforts to automate vulnerability detection and remediation in its products. This focus aligns with the recent increase in Chrome security advisories stemming from internally discovered flaws.
Mozilla: Mozilla develops the Firefox web browser and maintains a strong focus on open-source security practices. The organization has incorporated third-party AI models into its vulnerability research workflow to accelerate flaw identification. This mirrors the trend seen at Google and underscores growing industry reliance on AI for browser security.
Anthropic: Anthropic is an AI research company that creates advanced language models used for specialized tasks including code analysis. Its Claude Mythos model has been deployed by other organizations to uncover security vulnerabilities in browsers and software. Access to such models is limited, with Google among the select group of users that could potentially apply them to internal security work.
Big Sleep: Big Sleep is one of Google’s AI-powered tools designed specifically for vulnerability discovery in software. It operates alongside other internal systems to help identify security issues at scale. The tool contributes to Google’s expanding use of artificial intelligence for faster and more effective risk detection in products like Chrome.
Microsoft: Microsoft develops a broad portfolio of software products and maintains dedicated security research teams. The company has integrated advanced AI vulnerability discovery tools into its processes to identify issues more rapidly across its offerings. This approach reflects the same industry shift toward AI-assisted security that appears to be driving Google’s recent Chrome findings.
CodeMender: CodeMender is an AI-powered code security agent originally created by Google DeepMind that leverages Gemini models to autonomously scan code for vulnerabilities. It recommends fixes, performs secure testing, and supports patch deployment across systems while keeping human oversight. Google has highlighted this tool as part of its broader push into AI-driven security capabilities relevant to the current Chrome vulnerability surge.
Palo Alto Networks: Palo Alto Networks provides cybersecurity solutions and conducts extensive research on vulnerabilities in software and networks. It has adopted advanced AI tools to enhance its ability to detect security flaws in products. The company’s experience illustrates how AI is transforming vulnerability discovery practices across major technology organizations.
`json
{
“AI in Security Research”: “Major technology organizations are increasingly using AI tools to enhance the discovery and remediation of software vulnerabilities.”,
“Google’s Internal Capabilities”: “Google is developing proprietary AI systems for code analysis and security to expedite risk mitigation.”
}
`