In a recent security partnership with Mozilla, Anthropic discovered 22 separate vulnerabilities in Firefox, 14 of them categorized as “high-severity.” Most of the bugs have been fixed in Firefox 148 (the version released this February), though a couple of fixes will have to wait for the next release.
Anthropic’s team used Claude Opus 4.6 over the span of two weeks, starting in the JavaScript engine and then expanding to other parts of the codebase. According to the post, the team focused on Firefox because “it’s both a complex codebase and one of the most well-tested and secure open-source projects on the planet.”
Notably, Claude Opus was much better at finding vulnerabilities than at writing software to exploit them. The team ended up spending $4,000 in API credits trying to concoct proof-of-concept exploits, but succeeded in only two cases.
Still, it’s a reminder of how powerful AI tools can be for open source projects, even if they bring a flood of bad merge requests alongside the useful ones.
