Detailed Analysis
Anthropic's Claude Opus 4.6 demonstrated a significant milestone in AI-assisted cybersecurity research by identifying 22 vulnerabilities in Mozilla's Firefox browser over a two-week period, including 14 classified as high-severity — a figure representing nearly 20% of all high-severity Firefox bugs remediated in 2025. Mozilla validated the findings, incorporated fixes into Firefox 148, and notably highlighted the quality of the AI-generated reports, which included minimal test cases, proofs of concept, and patches — a marked departure from the typically low-signal, high-noise outputs associated with AI-assisted bug reporting. Anthropic's team subsequently tasked Claude with exploit development, and after approximately $4,000 in API costs and hundreds of attempts, the model produced working exploits for two of the identified vulnerabilities, including CVE-2026-2796, a JIT miscompilation flaw enabling type confusion and arbitrary memory read/write primitives. These exploits were demonstrated in a modified testing environment in which Firefox's sandbox protections were bypassed, rather than against a default Firefox configuration.
The Decrypt article's headline references "271 vulnerabilities" and a model called "Claude Mythos," claims that appear to lack credible primary sourcing. An unverified YouTube video makes expansive assertions about an unreleased Anthropic model called "Mythos" — including claims of thousands of zero-days discovered across operating systems and browsers, 181 working exploits, and a 72.4% Firefox sandbox escape success rate — but provides no peer-reviewed evidence, official documentation, or reproducible methodology. No official Anthropic communications confirm either the "Mythos" designation or the 271-vulnerability figure, and the claims are consistent with the pattern of sensationalized secondary reporting that often surrounds emerging AI capabilities. Anthropic's own published account of the Mozilla collaboration focuses on the 22 discovered vulnerabilities and the two weaponized exploits.
The confirmed work nonetheless carries substantial implications for the security research community. The ability of a commercially available AI model to autonomously audit a mature, hardened codebase like Firefox's SpiderMonkey JavaScript engine — and to do so at a speed and scale that rivals dedicated human researchers — represents a qualitative shift in the threat and defense landscape. The fact that AI-generated reports were detailed enough to satisfy Mozilla's standards for patch development suggests that the barrier to entry for sophisticated vulnerability research is falling rapidly, compressing timelines that previously required weeks or months of expert labor into days of compute time.
This development sits at the intersection of two accelerating trends in AI: the increasing deployment of frontier models as autonomous agents capable of multi-step technical reasoning, and the growing attention to dual-use risks inherent in AI systems that can both discover and exploit security weaknesses. Anthropic's partnership with Mozilla reflects a responsible disclosure framework, channeling AI-discovered vulnerabilities toward defensive patching rather than offensive weaponization. However, the same pipeline — model identifies bug, model generates proof-of-concept, model constructs exploit chain — is equally available to malicious actors with API access, raising urgent questions about how the security community, software vendors, and AI developers coordinate to prevent the offensive application of these capabilities from outpacing defensive ones.
The broader context of AI in offensive security has evolved rapidly, with systems like Google's Project Zero-adjacent research and various academic efforts demonstrating that large language models augmented with code execution and feedback loops can traverse complex vulnerability classes with increasing autonomy. Anthropic's Firefox work adds empirical weight to those findings and, more importantly, provides a documented case study at production scale — real bugs, real fixes, real exploits — rather than controlled benchmarks. Whether the more dramatic claims surrounding "Claude Mythos" prove to have any factual basis, the verified record alone is sufficient to establish that AI-driven vulnerability discovery has crossed from theoretical capability into operational reality.