Anthropic's Mythos AI finds decade-old bugs in Firefox
Unveiled in April, Anthropic's Mythos AI model has demonstrated remarkable proficiency in identifying software vulnerabilities. The security team at Mozilla's Firefox reported that Mythos uncovered a variety of high-severity bugs, some of which had been dormant for over ten years. In April 2026, Firefox implemented 423 bug fixes, a significant increase from the 31 fixes made the previous year. The model detected sandbox vulnerabilities that human researchers had missed, despite a $20,000 bounty offered. While Mozilla employs AI to generate patches, human engineers are still essential for finalizing fixes. The overall impact on cybersecurity is still unclear; Anthropic's CEO Dario Amodei expresses optimism about defenders' prospects, whereas Mozilla's Brian Grinstead calls for caution.
Key facts
- Anthropic unveiled Mythos in April 2026.
- Mozilla's Firefox used Mythos to find bugs.
- 423 bug fixes shipped in April 2026 vs 31 in April 2025.
- Some bugs were over a decade old.
- Sandbox vulnerabilities found despite $20,000 bounty.
- AI patches not directly deployable; human engineers required.
- Anthropic CEO Dario Amodei optimistic about defense advantage.
- Mozilla's Brian Grinstead says impact unknown.
Entities
Institutions
- Anthropic
- Mozilla
- Firefox
- TechCrunch