Mozilla Finds 271 Firefox Security Flaws Using Anthropic AI

Mozilla announced that Anthropic's Mythos AI tool identified 271 security vulnerabilities in the Firefox browser with almost no false positives ^[1].

This development marks a shift in how software companies identify security gaps. By reducing the "noise" of incorrect reports, developers can patch critical flaws faster without wasting resources on non-existent bugs.

The bug hunt, which covered vulnerabilities identified in April 2026, utilized the Claude Mythos preview to analyze the Firefox codebase [1, 3]. While some reports indicate that Mozilla identified as many as 423 security bugs during that period ^[3], the company highlighted the 271 findings as having the highest level of confidence ^[1].

Traditional AI-assisted security audits often struggle with "slop," or a high volume of inaccurate reports that engineers must manually filter. Mozilla's security team used a harness-guided analysis confirmed by a second large language model to validate the results ^[1].

"Unlike previous vulnerability disclosure slop," Grinstead said, "the details provided by its harness-guided Mythos analysis, and confirmed by the second LLM, and ultimately included in the reports, provide a level of confidence his team didn't have before" ^[1].

Other data suggests the broader impact of the tool was even larger, with reports stating Mozilla patched over 400 bugs using the Mythos preview ^[3]. The company aims to continue leveraging this AI-driven approach to increase the speed of patching, and improve overall browser security [1, 2].