CybersecurityVulnerability Management

Firefox Exposed: AI Model Uncovers 271 Zero-Day Vulnerabilities

Analyst 207||Source: Schneier
Modern coding environment with laptop screen, papers, and notes.

Firefox 150 includes fixes for 271 vulnerabilities identified during an initial evaluation with Claude Mythos Preview.

What Anthropic’s tools found: Opus 4.6 and Claude Mythos Preview

Since February, the Firefox team has been "working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser," the team reports. That effort began with a collaboration using Anthropic’s Opus 4.6, which the team says "led to fixes for 22 security-sensitive bugs in Firefox 148." As that work continued, the Firefox team applied an early version of Claude Mythos Preview to the codebase; the result reported this week was the discovery of 271 vulnerabilities that are fixed in Firefox 150.

How the Firefox team described their response

The group frames its reaction in urgent, operational terms. "You may need to reprioritize everything else to bring relentless and single-minded focus to the task," the team wrote, characterizing the response as a near-total shift of priorities to address the findings. They say the experience produced "vertigo" when the scale of the findings first became apparent, but that their effort produced a more hopeful outcome: "We are extremely proud of how our team rose to meet this challenge... We’ve turned the corner and can glimpse a future much better than just keeping up."

Anthropic’s role and the tooling pipeline

The story as presented links two specific Anthropic offerings to Mozilla’s results: Opus 4.6 and the early Claude Mythos Preview. The earlier Opus 4.6 run produced 22 security-sensitive fixes for Firefox 148; the subsequent evaluation with Claude Mythos Preview is associated with the much larger tranche of 271 fixes delivered with Firefox 150. The source describes Claude Mythos as an "early version" used in an initial evaluation, implying these are preliminary results from new-generation defensive tooling rather than a long-standing, productionized pipeline.

What this means for security teams, end users, and adversaries

  • Security teams and maintainers: The Firefox team’s account implies a short-term tradeoff: once frontier models flagged vulnerabilities at scale, teams needed to "reprioritize everything else" and apply concentrated effort to triage and fix. The practical lesson in the source is that adopting these models can produce a high volume of findings that demands operational reconfiguration to handle them.
  • End users and IT administrators: The source emphasizes that defenders have an opportunity only if they can "patch, and push those patches out to users quickly." For users and administrators, that narrows the risk window to the period between patch release (Firefox 150) and successful deployment across devices.
  • Adversaries and threat actors: The source notes a counterintuitive consequence: while one high-severity bug would have been "red-alert" in 2025, discovering hundreds at once forces a reassessment of how attackers and defenders respond. The implication in the source is binary — if defenders can patch rapidly, "this technology favors the defenders."

Constraints: scale, distribution, and the speed of patching

The decisive condition the source highlights is operational: discovering vulnerabilities at scale is only useful if fixes reach users. The source puts that point bluntly: "They’re right. Assuming the defenders can patch, and push those patches out to users quickly, this technology favors the defenders." In other words, the advantage conferred by frontier AI tools is conditional — it depends on the logistical processes that move a fix from developer repository into the hands of an end user.

The Firefox team’s narrative closes on a practical note of guarded optimism. Their reported sequence — Opus 4.6 delivering 22 fixes for Firefox 148, followed by an initial Claude Mythos Preview evaluation leading to 271 fixes in Firefox 150 — presents a concrete instance in which new AI-aided tooling produced a rapid, large-scale set of findings and motivated a focused defensive campaign. The outcome they report is an operational pivot: concentrated effort, reprioritization, and an assertion that defenders can, under the right conditions, "win, decisively."

Original story: https://www.schneier.com/blog/archives/2026/04/claude-mythos-has-found-271-zero-days-in-firefox.html

AnthropicBrowser SecurityEmerging ThreatsVulnerability ManagementZero-DayAI ModelClaude Mythos PreviewFirefoxOpus 4.6
Related Intelligence

Continue Reading

Brightly-lit server room with computer servers and equipment, featuring a networked industrial controller on a rack in the…

Splunk Enterprise Flaw Exposes Systems to Unauthenticated Code Execution

A critical vulnerability in Splunk Enterprise, rated 9.8 on the CVSS scale, leaves systems open to devastating attacks, allowing unauthenticated hackers to execute malicious code and wreak havoc. This shocking flaw, tracked as CVE-2026-20253, enables attackers to create or truncate files with ease, putting your entire system at risk.

Analyst 207
Moderator's workspace with laptop and blurred screen in a community gathering place.

Community Forum Moderation Evolves Amid Security Landscape

Join the conversation, but first, a friendly reminder: let's keep it civil and respectful in Bunker Talk, even when politics heat up - no name-calling, no personal attacks, and stick to the facts. By following these simple rules, we're building the best commenting crew on the net.

Analyst 207
MacBook on a desk with a softly lit modern workspace background and coding elements on the screen.

MacOS Update Exposes New Artifact for Tracing Digital Intent

The latest macOS update has introduced a game-changing digital trail: the App.MenuItem stream, which meticulously logs every menu selection you make, complete with exact timestamps. This new artifact reveals a detailed narrative of your interactions with the operating system interface.

Analyst 207
Young adults in casual professional attire seated in a modern conference room with technology equipment.

CyberCorps Bolsters AI Focus as Funding Lags

Meet the game-changing CyberCorps Scholarship Program, which has successfully launched nearly 5,000 cybersecurity pros into federal roles over the past 25 years. By offering full scholarships and stipends, it empowers students to serve the nation in exchange for a commitment to work in federal cybersecurity.

Analyst 207