In a recent security partnership with Mozilla, Anthropic found 22 different weaknesses In Firefox – 14 of them are classified as “high-severity”. Most bugs have been fixed firefox 148 (version released this February), although some improvements will have to wait for the next release.
Anthropic’s team used Cloud Opus 4.6 over a two-week period, starting in the JavaScript engine and then expanding to other parts of the codebase. According to the post, the team focused on Firefox because “it has a complex codebase and is one of the most thoroughly tested and secure open-source projects in the world.”
In particular, Cloud Opus was far better at finding vulnerabilities than at writing software to exploit them. The team spent $4,000 in API credits trying to create proof-of-concept exploits, but were successful in only two cases.
Still, it’s a reminder of how powerful AI tools can be for open-source projects — even if they bring flood of bad merge requests Along with useful people.
