In a latest safety partnership with Mozilla, Anthropic discovered 22 separate vulnerabilities in Firefox — 14 of them labeled as “high-severity.” A lot of the bugs have been mounted in Firefox 148 (the model launched this February), though just a few fixes should look ahead to the subsequent launch.
Anthropic’s staff used Claude Opus 4.6 over the span of two weeks, beginning within the javascript engine after which increasing to different parts of the codebase. In line with the submit, the staff centered on Firefox as a result of “it’s each a fancy codebase and one of the crucial well-tested and safe open-source initiatives on the earth.”
Notably, Claude Opus was significantly better at discovering vulnerabilities than writing software program to use them. The staff ended up spending $4,000 in API credit making an attempt to concoct proof-of-concept exploits, however solely succeeded in two circumstances.
Nonetheless, it’s a reminder of how highly effective AI instruments will be for open-source initiatives — even when they convey a flood of unhealthy merge requests alongside the helpful ones.
