Anthropic and Mozilla collaborate to uncover critical Firefox vulnerabilities

Frontier AI models help open-source projects like Firefox rapidly identify critical vulnerabilities, highlighting AI’s growing role in cybersecurity.

Claude Opus 4.6 discovered high-severity Firefox vulnerabilities, demonstrating how AI models can accelerate software security.

AI models are increasingly capable of detecting high-severity software vulnerabilities at unprecedented speeds. Claude Opus 4.6 found 22 new Firefox vulnerabilities in two weeks. Of these, 14 were rated high-severity, accounting for nearly a fifth of all 2025 high-severity fixes.

Researchers emphasised that AI can accelerate the find-and-fix process, providing valuable support to software maintainers.

Anthropic’s collaboration with Mozilla enabled the team to validate the findings and submit detailed bug reports, including proofs of concept and candidate patches. Claude initially focused on Firefox’s JavaScript engine before expanding to other components.

Although capable of generating primitive exploits in controlled environments, the AI was far more effective at identifying vulnerabilities than exploiting them, giving defenders a critical advantage.

Researchers emphasised the importance of task verifiers, which ensure that AI-generated patches fix vulnerabilities without breaking functionality. Such verification processes increase confidence in AI-assisted fixes and provide a reliable framework for maintainers to adopt AI findings safely.

Looking ahead, AI models like Claude are expected to play an expanding role in cybersecurity, helping developers detect and remediate vulnerabilities across complex software projects. Experts urge maintainers to act swiftly to strengthen security while AI capabilities continue to advance.
