Mozilla Details How Anthropic Mythos Found 271 Firefox Security Bugs

Mozilla says Anthropic Mythos helped uncover 271 Firefox security bugs by using an agentic harness built around browser testing and fuzzing tools.

A browser security claim that sounded like AI hype now has more evidence behind it. Ars Technica reports that Mozilla has described how Anthropic’s Mythos model helped uncover 271 Firefox security flaws over two months, with Mozilla saying the reports produced “almost no false positives.”

The new detail came in a Mozilla Hacks post, where Mozilla said the work depended on both stronger models and a custom agentic harness built around Firefox’s existing security tooling. Mozilla said earlier attempts at LLM-assisted audits produced too many plausible but wrong reports, while the newer pipeline could generate reproducible test cases and filter out speculation before engineers spent time on a bug.

Mozilla Distinguished Engineer Brian Grinstead told Ars Technica that the harness drives the model through specific tasks, gives it access to tools, and loops until it reaches a clear verification signal. For memory-safety work, Grinstead said Mozilla used a sanitizer build of Firefox: if the model can craft a test case that crashes the browser in the right way, it has a concrete signal rather than a guess.

Mozilla also published a sample of 12 Bugzilla reports behind the fixes, according to its engineering post. The examples include sandbox escapes, use-after-free bugs, a 15-year-old issue involving the HTML legend element, and a 20-year-old XSLT bug. Mozilla said 180 of the 271 Mythos-found bugs were rated sec-high, 80 were sec-moderate, and 11 were sec-low.

The technique is not just “ask a model to audit code.” Mozilla said it built a project-specific pipeline for choosing targets, running jobs across ephemeral virtual machines, deduplicating findings, triaging reports, and moving fixes through Firefox’s security lifecycle. Ars Technica notes that Mozilla normally keeps detailed reports private for months after patches ship, but the company opened a sample because the AI vulnerability-detection claim drew heavy skepticism.
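To make the verification loop and the deduplication step above concrete, here is an added example (not Mozilla's harness, and not code from the Mozilla Hacks post): it classifies sanitizer output so that only a real memory-safety report counts as a verified signal, and keys duplicates by bug class plus top stack frames so reruns at different addresses collapse to one finding. The sample reports, frame names and paths are constructed and hypothetical.

```python
import hashlib
import re

# Constructed sample of an AddressSanitizer report from a sanitizer build.
# Frame names and paths are hypothetical, not Firefox symbols.
SAMPLE_ASAN = """\
==4242==ERROR: AddressSanitizer: heap-use-after-free on address 0x60300000eff0
READ of size 8 at 0x60300000eff0 thread T0
    #0 0x4f2a10 in ExampleFrame::Reflow /src/example/ExampleFrame.cpp:120
    #1 0x4e1b22 in ExampleContainer::ReflowChild /src/example/ExampleContainer.cpp:900
    #2 0x4d0c33 in ExampleShell::DoReflow /src/example/ExampleShell.cpp:1500
    #3 0x7f0a1c in __libc_start_main libc.so.6
"""
# The same crash on a rerun: new PID and heap address, identical stack.
SAMPLE_ASAN_RERUN = SAMPLE_ASAN.replace("==4242==", "==4300==").replace("0x60300000eff0", "0x6030000a1230")
# A plain timeout is a failure but not a verified memory-safety bug.
SAMPLE_TIMEOUT = "TEST-UNEXPECTED-TIMEOUT | example/test_legend.html | timed out\n"

ERROR_RE = re.compile(r"==\d+==ERROR: \w+Sanitizer: ([\w-]+)")
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (\S+)", re.MULTILINE)
# Sanitizer bug classes accepted as a concrete memory-safety signal.
MEMORY_SAFETY = {
    "heap-use-after-free", "heap-buffer-overflow", "stack-buffer-overflow",
    "global-buffer-overflow", "double-free", "use-after-poison",
}


def verify_crash(output, top_frames=3):
    """Return ("verified", key) if the sanitizer reported a memory-safety bug,
    else ("unverified", None). The key hashes bug class plus the top frames,
    so the same bug seen at different addresses or PIDs collapses to one."""
    match = ERROR_RE.search(output)
    if not match or match.group(1) not in MEMORY_SAFETY:
        return ("unverified", None)
    bug = match.group(1)
    frames = FRAME_RE.findall(output)[:top_frames]
    digest = hashlib.sha256("|".join([bug, *frames]).encode()).hexdigest()[:16]
    return ("verified", f"{bug}:{digest}")


def dedupe(outputs):
    """Count reproductions per verified crash key, dropping unverified runs
    so engineers only see reproducible findings."""
    counts = {}
    for out in outputs:
        verdict, key = verify_crash(out)
        if verdict == "verified":
            counts[key] = counts.get(key, 0) + 1
    return counts
```

Running `dedupe([SAMPLE_ASAN, SAMPLE_ASAN_RERUN, SAMPLE_TIMEOUT])` yields a single key with a count of 2, since the timeout is filtered out and the rerun is recognised as the same bug.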

The same Mozilla post said the work has already shipped across Firefox 149.0.2, 150, 150.0.1, and 150.0.2. Mozilla said more than 100 people contributed code to the hardening push, which matters because even AI-generated reports still require engineers to verify impact, land patches, and avoid regressions.

The practical lesson is narrower and more useful than the headline. Mozilla’s results suggest AI can help defenders when it is tied to deterministic tests, mature fuzzing infrastructure, and human review. That’s harder to copy than a prompt, but it points to a security future where the winning edge may be the harness around the model, not the model alone.