tech

May 9, 2026

271 bugs found in Firefox, zero written by a human attacker. What this means for the future of safe code + 2 prompts

Mozilla’s Mythos experiment reads, at first, like a cybersecurity story. Anthropic built Mythos for vulnerability research. Mozilla pointed it at Firefox. The previous AI scan, run with a general-purpose model, surfaced 22 security-sensitive bugs. One release cycle later, with the purpose-built model, the number was 271. The Firefox security team — a group that has spent two decades being skeptical about new tools — published the result with the kind of careful enthusiasm that means something has actually changed.

271 bugs found in Firefox, zero written by a human attacker. What this means for the future of safe code + 2 prompts

TL;DR

  • An AI experiment named Mythos, built by Anthropic for Mozilla, identified 271 security bugs in Firefox.
  • This number is substantially higher than previous AI scans, indicating AI's growing capability in vulnerability research.
  • The development suggests a potential shift in software development, where AI might become the primary code generator and verifier, with humans defining system parameters.
  • The article highlights the urgency for teams to adapt to this change, as code comprehensibility becomes a critical security property.
  • It provides two prompts to assess codebase readiness for adversarial AI review and AI-generated code evaluation.

Continue reading the original article