Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
In a recent security agreement with Mozilla, Anthropic discovered 22 different weaknesses in Firefox – 14 of them are called “very powerful.” Most of the bugs were fixed Firefox 148 (version released in February), although several updates will have to wait for the next release.
The Anthropic team used Claude Opus 4.6 over a period of two weeks, starting in the javascript engine and then spreading to other areas of the codebase. According to the post, the team focused on Firefox because “it’s a complex script and one of the most well-tested and secure projects in the world.”
In particular, Claude Opus was much better at finding vulnerabilities than writing programs to exploit them. The team ended up spending $4,000 in API history trying to create a proof of concept, but only succeeded in two cases.
Still, it’s a reminder of how powerful AI tools can be in open source projects — even if they bring them a flood of malicious requests including along with useful.
