Firefox 150: Mozilla patches 271 vulnerabilities found with Anthropic’s Mythos Preview
Firefox 150 patches 271 vulnerabilities found with early Claude Mythos Preview access, highlighting AI-assisted code inspection’s impact on software security.
Mozilla’s release of Firefox 150 this week includes fixes for 271 security flaws that the browser maker discovered after working with an early, restricted version of Anthropic’s Claude Mythos Preview. The finding — disclosed by Mozilla on its blog and confirmed in interviews with WIRED — represents a striking example of AI models being used to surface deep, human-level defects in complex software, and it compelled the Firefox team to rapidly reprioritize engineering effort to address a large volume of issues.
How Mythos Preview differs from traditional automated tools
Traditional automated security tools such as fuzzers work by feeding malformed or random inputs to software and observing failures. Those tools remain effective at exposing a class of runtime and input-handling issues, but they leave coverage gaps: some logic and code paths are difficult to reach with blind input mutation, and other classes of flaws rely on nuanced reasoning about program structure or developer intent.
Mozilla’s account of Mythos Preview describes an alternate approach. According to Firefox CTO Bobby Holley, Mythos can reason through source code in ways that historically required elite human researchers. Holley wrote that computers were “completely incapable of doing this a few months ago, and now they excel at it,” and he emphasized that Mythos finds many of the same subtle defects that top human analysts would. In Mozilla’s characterization, Mythos “doesn’t have those blind spots” that limit fuzzers, enabling it to identify a broader set of weaknesses across a codebase.
What Mozilla found and how the team reacted
The immediate outcome was stark: Mozilla says the company patched 271 vulnerabilities as part of the Firefox 150 release after scanning the browser with the AI preview. Inside the organization, the wave of results produced a mix of alarm and urgency. Holley described the initial reaction as a “gut punch,” and acknowledged the effort forced Firefox engineering to shift priorities rapidly to remediate the findings.
Holley told WIRED that the scale of the work was prompting other engineering groups to rethink staffing and timelines — and that he has spoken with engineering leaders at large companies who expect to pull thousands of engineers off other projects to focus on similar security work for months. That shift, he suggested, is already reshaping how teams plan and allocate resources.
Why Mozilla says the discovery is bounded, not existential
Despite the volume of problems surfaced, Mozilla frames the development as narrowing rather than expanding the threat landscape. Holley emphasized that Mythos did not introduce an entirely new class of vulnerability; instead, the tool accelerated discovery of defects that skilled human researchers could have found given time. He portrayed the situation as one where defects are finite and increasingly discoverable: “Defenders finally have a chance to win, decisively,” he wrote on Mozilla’s blog.
That framing matters for how organizations interpret the findings. If AI tools merely accelerate the exposure of existing defect classes, then the response is largely one of scale — invest in detection and remediation workflows. If, by contrast, AI uncovered new, previously unseen vulnerability patterns, the implications would be more fundamental. Mozilla’s public statements situate Mythos in the first camp: powerful and fast, but not inventing new categories of risk.
How access to Mythos Preview is controlled
Anthropic has not made Mythos Preview generally available. The company has released the model to a tightly controlled set of partners through a program called Project Glasswing, and those partners include major technology firms such as Amazon, Apple, and Microsoft, according to Mozilla’s account. Mozilla’s use of Mythos came through a separate, direct collaboration with Anthropic rather than through the formal Glasswing consortium, Holley told WIRED.
Anthropic’s approach — making Mythos available only to select partners for internal scanning and vetting — is consistent with a cautious release strategy that aims to let large vendors exercise the model on real products before broader exposure. Mozilla’s experience illustrates one practical outcome of that restricted-access phase: partner organizations can use the model to perform concentrated security audits on their own software ahead of any public rollout.
Practical implications for users, developers, and security teams
The Firefox 150 release demonstrates a sequence of practical effects that organizations and teams will need to consider.
- For software maintainers: Running an advanced code-inspection model like Mythos against a mature, widely deployed codebase can generate a large volume of findings that demand triage, prioritization, and remediation. Mozilla’s response required reallocating engineering effort to address the issues quickly.
- For engineering leadership: Holley’s remarks to WIRED indicate that some companies anticipate substantial, multi-month personnel shifts to respond to similar AI-driven discovery efforts. That implies a need to plan for surge capacity and rapid patch pipelines when partnering with such tools.
- For security operations: The character of findings surfaced by an AI that reasons about source code will shape vulnerability management priorities. Organizations may need to enhance vulnerability triage processes, incorporate AI-sourced reports into bug tracking systems, and calibrate severity and exploitability assessments for issues that may be more subtle than classical fuzzing results.
- For users: Mozilla shipped patches in Firefox 150 to address the vulnerabilities discovered. The public disclosure makes clear that browsers and other heavily used software can contain many latent defects that sophisticated inspection techniques can now reveal more rapidly than before.
The source material does not provide specifics about particular bug classes, exploitability, or remediation timelines beyond the fact that 271 vulnerabilities were patched in Firefox 150 and that Mozilla substantially reprioritized its engineering work.
How Mythos-style models fit into existing security toolchains
Mythos Preview’s reported strengths — reasoning through source code and surfacing defects that fuzzers miss — suggest it will be used alongside rather than as a wholesale replacement for existing tooling. Fuzzers, static analyzers, and human review each have different strengths: fuzzers excel at triggering runtime failures, static analyzers can flag suspicious code patterns at scale, and human experts bring intuition and context.
Mozilla’s description positions Mythos as matching the output of “elite security researchers,” implying the model can act as a force multiplier for security teams. In practice, teams will need integration points: automated ingestion of model outputs into bug trackers, systems for deduplicating and prioritizing reports, and workflows that combine AI findings with automated testing and human validation before public patches are issued.
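The deduplication and prioritization step described above can be sketched as follows. This is an added example, not Mozilla's or Anthropic's tooling or report format: the finding schema, the tool labels, the scoring weights and the validation policy are all assumptions made for illustration.

```python
import posixpath
from collections import defaultdict

SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample reports; the schema and every value are hypothetical.
FINDINGS = [
    {"source": "ai_review", "file": "./src/net/Parser.cpp", "function": "ParseHeader",
     "bug_class": "Out-of-Bounds-Read", "severity": "high"},
    {"source": "fuzzer", "file": "src/net/Parser.cpp", "function": "ParseHeader",
     "bug_class": "out-of-bounds-read", "severity": "high"},
    {"source": "static_analyzer", "file": "src/ui/Menu.cpp", "function": "Build",
     "bug_class": "null-deref", "severity": "low"},
    {"source": "ai_review", "file": "src/ipc/Channel.cpp", "function": "Recv",
     "bug_class": "use-after-free", "severity": "critical"},
    {"source": "ai_review", "file": "src/ipc/Channel.cpp", "function": "Recv",
     "bug_class": "use-after-free ", "severity": "high"},
]

def fingerprint(finding):
    """Key that treats reports on the same function and bug class as one defect."""
    return (posixpath.normpath(finding["file"]), finding["function"],
            finding["bug_class"].strip().lower())

def triage(findings):
    """Merge duplicate reports and return one ticket per defect, highest priority first."""
    groups = defaultdict(list)
    for finding in findings:
        groups[fingerprint(finding)].append(finding)
    tickets = []
    for key, members in groups.items():
        sources = sorted({m["source"] for m in members})
        worst = max(SEVERITY[m["severity"]] for m in members)
        tickets.append({
            "fingerprint": key,
            "reports": len(members),
            "sources": sources,
            # Assumed scoring: worst reported severity, plus a boost per corroborating tool.
            "score": worst * 10 + 5 * (len(sources) - 1),
            # Assumed policy: only a fuzzer crash counts as reproduced; the rest go to a human.
            "needs_human_validation": "fuzzer" not in sources,
        })
    tickets.sort(key=lambda t: (-t["score"], t["fingerprint"]))
    return tickets

if __name__ == "__main__":
    for ticket in triage(FINDINGS):
        print(ticket)
```

Five raw reports collapse into three tickets here, and the one finding that a fuzzer also reproduced is the only one that skips the human-validation queue.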
Project Glasswing, partner vetting, and the ethics of restricted releases
Anthropic’s Project Glasswing — the small partner program named by Mozilla — and the company’s decision to restrict Mythos access reflect a stewardship and risk-management stance. By limiting exposure to large partners who can scan their own products, Anthropic appears to be balancing the utility of the model against the risk that an unrestricted release could enable misuse or widespread discovery of unpatched vulnerabilities.
Mozilla’s separate, direct collaboration with Anthropic indicates that bespoke arrangements are part of how organizations are gaining access to advanced models for internal security purposes. The source material links Glasswing members to large cloud and platform vendors, suggesting Anthropic prioritized partners with substantial engineering resources and the potential to remediate findings at scale.
Broader industry implications for AI-powered security tooling
Mozilla’s experience with Mythos Preview is a concrete instance of a broader trend: generative AI models are moving beyond content generation to technical reasoning tasks once considered firmly in the human domain. If other organizations obtain comparable tooling, the volume and speed of vulnerability discovery across widely used codebases could increase sharply.
That shift has several industry-level implications drawn from the source narrative:
- Resource allocation: Organizations may need to plan for concentrated remediation efforts after running AI-assisted scans, as Mozilla’s reprioritization and Holley’s conversations with other leaders imply substantial resourcing impacts.
- Defensive advantage: Mozilla’s language — including the line that defenders now have “a chance to win, decisively” — frames AI as a potential equalizer, enabling defenders to find defects more efficiently. If defenders adopt these tools widely, it could accelerate patching cycles and reduce attacker windows.
- Release governance: The way vendors and AI makers control access (Project Glasswing and bespoke collaborations) will influence who gets early benefit from these tools and how quickly vulnerability discovery scales across the ecosystem.
- Toolchain evolution: Security toolchains and developer workflows will need to evolve to absorb high-volume, AI-generated findings without false positives overwhelming teams. Integration with static analysis, fuzzing, continuous integration, and vulnerability management will be critical.
All of these implications are reflected in Mozilla’s public statements and the reporting of its interactions with Anthropic and other platform partners.
Questions organizations will ask when considering similar AI security scans
Organizations contemplating AI-assisted code inspection will naturally want to know several practical things; Mozilla’s case provides partial answers grounded in its public remarks and reporting.
- What does the tool do? Mythos Preview is described as an AI model capable of reasoning through source code to identify vulnerabilities, including patterns that classical fuzzers miss.
- How does it work in practice? The source contrasts Mythos’ reasoning approach with fuzzers’ input-mutation strategy, and Mozilla’s experience shows the tool can produce large volumes of findings that require human triage and engineering follow-through.
- Why does it matter? Because Mythos accelerated the discovery of hundreds of issues in a single codebase, it demonstrates the potential to materially change how promptly and comprehensively defects are found and patched.
- Who can use it? At the time of Mozilla’s announcement, Mythos Preview was not publicly available; access was limited to a small circle of partners via Project Glasswing and to Mozilla through a separate collaboration, according to Mozilla’s account.
- When will such tools be available more broadly? The source does not provide a general availability timeline. It does note that Anthropic has kept Mythos Preview out of public hands and released it only to select partners for scanning ahead of wider release.
These answers are limited to the facts reported by Mozilla and WIRED and do not attempt to forecast availability beyond those statements.
Related developments and context from Anthropic
The source material also references Anthropic’s ongoing work in security-focused AI models, noting that the company’s Opus 4.7 launch provided another look at its efforts while Mythos remains tightly restricted. That mention situates Mythos within a sequence of Anthropic releases aimed at advancing model capabilities for technical and security tasks.
Final thoughts looking ahead
Mozilla’s Firefox 150 release and the rapid remediation of 271 vulnerabilities uncovered by Mythos Preview mark a turning point in how AI is being used for software security: powerful models can now perform a level of source-code reasoning that previously required elite human researchers. The immediate operational consequence is clear — expect heavier triage loads, shifting engineering priorities, and intensified dialogue between AI providers and large platform partners about controlled access and responsible deployment. Over time, defensive toolchains, vulnerability management systems, and developer workflows will need to adapt so teams can absorb AI-driven findings at scale, validate their significance, and ship fixes quickly. The balance between accelerating discovery and managing remediation capacity will shape whether AI ultimately widens attackers’ opportunities or becomes a decisive advantage for defenders.



















