Mozilla shipped Firefox 150 this week with patches for 271 security vulnerabilities discovered by Anthropic’s Claude Mythos Preview in an initial evaluation.
The scan forms part of Project Glasswing, Anthropic’s coordinated defense effort that grants limited Mythos access to critical infrastructure partners.
Mozilla Patches 271 Vulnerabilities After Claude Mythos Evaluation
In a recent blog post, Firefox CTO Bobby Holley explained that browser security has traditionally followed an offense-heavy model.
Under this approach, vendors acknowledged that fully eliminating exploits was unrealistic and instead focused on making attacks so costly or complex that they would not be widely abused.
“As these capabilities reach the hands of more defenders, many other teams are now experiencing the same vertigo we did when the findings first came into focus. For a hardened target, just one such bug would have been red alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up,” Holley said.
Follow us on X to get the latest news as it happens
The executive stated that since February, the Firefox team has been working intensively with advanced AI tools to identify and remediate “latent security vulnerabilities in the browser.”
Earlier collaboration with Anthropic, using its Opus 4.6 model, led to fixes for 22 security-sensitive issues in Firefox 148.
The latest update represents a sharp escalation in scale, roughly a twelvefold increase, highlighting how AI-driven audits are reshaping modern cybersecurity practices.
“Encouragingly, we also haven’t seen any bugs that couldn’t have been found by an elite human researcher,’ he added.
Why the Firefox Result Matters for Crypto
The Firefox evaluation lands as exchanges weigh their own exposure to AI-assisted attacks. Anthropic says Mythos can “identify and then exploit zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so.”
This marks the same surface that hot wallets and decentralized applications depend on. While private keys are generally protected within wallet environments, attackers can still gain control over on-chain assets by tricking users into approving harmful transactions or exploiting compromised extensions.
Interest in such capabilities is already expanding. Coinbase has reportedly explored access to Anthropic’s Mythos. This builds on its existing use of Claude models for customer support across more than 100 regions.
Subscribe to our YouTube channel to watch leaders and journalists provide expert insights
