Mozilla has used Anthropic’s Mythos Preview to fix 271 Firefox vulnerabilities, highlighting how AI-driven bug hunting could strengthen open-source security far beyond a single browser.
Mozilla has positioned open-source security at the centre of the AI cybersecurity debate, using early access to Anthropic’s Mythos Preview to identify and fix 271 vulnerabilities now addressed in Firefox 150.
The move marks a concrete security outcome rather than a theoretical AI experiment, and suggests advanced models could reshape how open-source software is audited and secured. Mozilla said adapting to the “firehose of bugs” surfaced by the tool demanded significant resources and discipline, but was necessary as similar capabilities are likely to reach attackers.
Beyond Firefox, the development carries implications for widely used but under-resourced open-source projects, volunteer-maintained software, and even abandonware, raising the prospect of AI-assisted bug hunting becoming a broader security overhaul moment for open source.
“Our belief is that the tools have changed things dramatically, because now we have automated techniques that can cover, as far as we can tell, the full space of vulnerability-inducing bugs,” said Bobby Holley, chief technology officer, Firefox.
Holley added, “Every piece of software is going to have to make this transition, because every piece of software has a lot of bugs buried underneath the surface that are now discoverable.”
The development comes as Anthropic and OpenAI roll out advanced cyber-capable models under controlled releases and convene industry groups to assess risks. Mozilla gained access through direct collaboration with Anthropic, though it is not part of the Project Glasswing consortium.
