Mozilla has revealed that an early version of Anthropic’s Claude Mythos AI model identified 271 security vulnerabilities in its Firefox browser, marking a major milestone in AI-driven cybersecurity.
The vulnerabilities were discovered during testing with Claude Mythos Preview and have been addressed in the latest Firefox 150 release. Mozilla confirmed that more than 40 CVEs were fixed in this update, although only a few were officially attributed to the AI model in public advisories.
According to Mozilla, the scale and quality of findings demonstrate that advanced AI systems can now match the capabilities of top-tier human security researchers. The organization noted that while all identified flaws could have been discovered manually, the speed and efficiency of AI significantly accelerate the vulnerability detection process.
The findings highlight a shift in cybersecurity practices, where AI is increasingly being used to proactively identify and fix vulnerabilities before they can be exploited. By automating large-scale code analysis, tools like Claude Mythos can uncover hidden issues that might otherwise remain undetected for extended periods.
However, the development also raises concerns about the dual-use nature of such technologies. While they strengthen defensive capabilities, similar tools in the wrong hands could be used to discover and exploit vulnerabilities at scale, intensifying the cybersecurity arms race.
The collaboration between Mozilla and Anthropic underscores the growing role of AI in securing critical software infrastructure, as organizations increasingly adopt advanced models to improve resilience against evolving cyber threats.
