model release · Anthropic

Anthropic's Mythos model finds thousands of high-severity bugs in Firefox, including 15-year-old vulnerabilities

TL;DR

Mozilla's Firefox team reports that Anthropic's Mythos model has discovered thousands of high-severity security vulnerabilities, including bugs that had remained undetected for more than 15 years. In April 2026, Firefox shipped 423 bug fixes compared to just 31 in April 2025, marking a 13x increase attributed to AI-assisted vulnerability detection.


Anthropic's Mythos Finds Thousands of Firefox Vulnerabilities

Mozilla's Firefox security team has disclosed that Anthropic's Mythos model discovered thousands of high-severity bugs in the browser's codebase, including vulnerabilities that had existed undetected for over 15 years.

The results represent a dramatic shift in AI-assisted security research. In April 2026, Firefox shipped 423 bug fixes, compared to 31 in April 2025—a 13-fold increase. Mozilla attributes this acceleration directly to Mythos' capabilities.

Technical Capabilities

According to Mozilla researchers, Mythos demonstrated particular strength in finding sandbox vulnerabilities—among the most difficult security flaws to detect. These require multi-step exploits: the model must write a compromised browser patch, then use that code to attack Firefox's sandbox isolation system.

Mozilla's bug bounty program pays up to $20,000 for sandbox vulnerabilities, its highest reward tier. Brian Grinstead, a distinguished engineer at Mozilla, told TechCrunch that Mythos is finding more sandbox issues than human researchers ever did, despite the substantial financial incentive.

The 12 published bugs include:

  • Multiple sandbox escape vulnerabilities
  • A 15-year-old HTML parsing error
  • Various high-severity security flaws across the codebase

Agentic Filtering Reduces False Positives

Mozilla credits two factors for the breakthrough: improved model capabilities and agentic systems that self-assess and filter out false positives. Previous AI security tools generated too many low-quality reports to be practical.

"It is difficult to overstate how much this dynamic changed for us over a few short months," Mozilla researchers wrote. "First, the models got a lot more capable. Second, we dramatically improved our techniques for harnessing these models."

Human Review Still Required

Despite Mythos' detection capabilities, Mozilla is not using AI to fix the bugs. While the model generates proposed patches, Firefox engineers write and review all deployed code manually. "For the bugs we're talking about in this post, every single one is one engineer writing a patch and one engineer reviewing it," Grinstead said.

Disclosure and Impact

Anthropic previewed Mythos in April 2026 but withheld public release until critical vulnerabilities could be patched. The company has followed responsible disclosure protocols, though security researchers note that adversaries may be using similar techniques with less capable models.

Anthropic CEO Dario Amodei argued the tools favor defenders: "If we handle this right, we could be in a better position than we started, because we fixed all these bugs. There are only so many bugs to find."

Grinstead offered a more cautious assessment: "It's useful for both attackers and defenders, but having the tool available shifts the advantage a little bit to defense. Realistically, nobody knows the answer to this yet."

What This Means

Mythos represents the first AI system demonstrating practical superiority over human researchers at finding complex security vulnerabilities at scale. The 13x increase in Firefox's monthly bug fixes suggests we're entering a period where legacy codebases will undergo unprecedented security scrutiny. The critical unknown: whether attackers or defenders benefit more as these capabilities proliferate. Mozilla's experience suggests that even with access to state-of-the-art detection, human expertise remains essential for remediation.
