In a current safety partnership with Mozilla, Anthropic discovered 22 separate vulnerabilities in Firefox — 14 of them labeled as “high-severity.” Many of the bugs have been fastened in Firefox 148 (the model launched this February), though a number of fixes should anticipate the subsequent launch.
Anthropic’s workforce used Claude Opus 4.6 over the span of two weeks, beginning within the JavaScript engine after which increasing to different parts of the codebase. Based on the publish, the workforce centered on Firefox as a result of “it’s each a fancy codebase and probably the most well-tested and safe open-source initiatives on the planet.”
Notably, Claude Opus was significantly better at discovering vulnerabilities than writing software program to take advantage of them. The workforce ended up spending $4,000 in API credit attempting to concoct proof-of-concept exploits, however solely succeeded in two instances.
Nonetheless, it’s a reminder of how highly effective AI instruments could be for open supply initiatives — even when they bring about a flood of dangerous merge requests alongside the helpful ones.
Thanks for studying! Be a part of our group at Spectator Daily
