
Firefox team fixes 423 vulnerabilities using Anthropic's Claude Mythos Preview


Mozilla's Firefox team fixed 423 security vulnerabilities in April 2026 using Anthropic's Claude Mythos Preview. The single-month total exceeded fixes across the prior 15 months, where monthly totals ranged from 17 to 76. The AI tool detected and patched complex issues like sandbox escapes. Anthropic Head of Developer Relations Alex Albert detailed the effort.

Original post

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

12:20 PM · May 7, 2026

@emollick I mean this is not at all evidence that some post train of Mythos was tooo dangerous for the public

Ethan Mollick @emollick

So Mythos was, indeed, not marketing hype. Remember this is a general purpose model that just happens to be good at finding exploits because good models are good at lots of things. Expect similar from OpenAI & Google. And from open models in 8 months. https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

10:44 PM · May 7, 2026 · 439.1K Views
2:05 AM · May 8, 2026 · 21.6K Views

@logangraham Eventually could be a long time, especially in critical infrastructure, much of which is running on Windows 7.

Logan Graham @logangraham

I'm optimistic this eventually favors defense over offense. We wanted to start this transition cautiously. I've honestly been inspired by what orgs have been able to do with Mythos. More to come!

12:07 AM · May 8, 2026 · 44.4K Views
12:50 AM · May 8, 2026 · 1.6K Views

Credit where credit is due. This is genuinely impressive.

Alex Albert @alexalbert__

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

7:20 PM · May 7, 2026 · 1.2M Views
10:17 PM · May 7, 2026 · 29.4K Views

I agree that fundamentally, AI favors defense in cyber. We know that theoretically, bug free software (at least in narrow sense of conforming with spec) can exist, and as we find and fix more bugs, we can approach this asymptote.

Logan Graham @logangraham

I'm optimistic this eventually favors defense over offense. We wanted to start this transition cautiously. I've honestly been inspired by what orgs have been able to do with Mythos. More to come!

12:07 AM · May 8, 2026 · 44.4K Views
2:00 AM · May 8, 2026 · 22.6K Views

There is another reason why AI favors the defender. A lot of small but important systems (e.g. hospitals) are insecure because they are limited in the security staff they can hire. Now you can have a team of 100 top security engineers watching over your system.

Boaz Barak @boazbaraktcs

I agree that fundamentally, AI favors defense in cyber. We know that theoretically, bug free software (at least in narrow sense of conforming with spec) can exist, and as we find and fix more bugs, we can approach this asymptote.

2:00 AM · May 8, 2026 · 22.6K Views
2:05 AM · May 8, 2026 · 2.5K Views

@DKThomp my view, somewhere in middle

Gary Marcus @GaryMarcus

My view on Mythos was and is somewhere in between. It’s real, it’s a wakeup call, and it’s not quite what some of the media coverage suggested. • Mythos is not going to allow an 8 year old to accidentally take down a power grid. (Someone writing for the NYT thought that was a real possibility). • The new Mozilla data certainly show that Mythos is better than its predecessors at detecting bugs. • But the UK AI institute’s study showed (and I still think this is true) that well-secured systems are not immediately at risk. • Consistent with all this the Mozilla report notes “Note that a number of these bugs are sandbox escapes, which would need to be combined with other exploits to achieve a full-chain Firefox compromise” I stand by my middle view; it’s not marketing hype, but it’s not quite as potent as some people thought. One other thing to note is that whatever advances there are not necessarily general to many or all domains; we will have to wait and see on that.

12:54 AM · May 8, 2026 · 43K Views
4:19 AM · May 8, 2026 · 2.1K Views

This is confused, but popular.

Popular because it tells a bunch of people what they want to hear.

Confused for a couple reasons: first, Mythos probably isn’t a pure LLM. (Claude Code isn’t, and it probably uses some similar techniques). [Also critics such as myself never called LLMs a “scam”; rather we said that LLMs need to be supplemented with other techniques, and wouldn’t be enough on their own.]

And on @EpochAIResearch’s important ECI benchmark it’s NOT hugely better than other models.

It’s better at bug finding, but doesn’t mean it’s solved hallucinations, boneheaded reasoning errors etc.

prinz @deredleritt3r

Old enough to remember when the prevailing view on AI was that LLMs are a scam, actually, and the bubble is about to pop (6 months ago)

8:22 PM · May 7, 2026 · 296.3K Views
1:27 AM · May 9, 2026 · 17K Views

My view on Mythos was and is somewhere in between. It’s real, it’s a wakeup call, and it’s not quite what some of the media coverage suggested.

• Mythos is not going to allow an 8 year old to accidentally take down a power grid. (Someone writing for the NYT thought that was a real possibility).

• The new Mozilla data certainly show that Mythos is better than its predecessors at detecting bugs.

• But the UK AI institute’s study showed (and I still think this is true) that well-secured systems are not immediately at risk.

• Consistent with all this the Mozilla report notes “Note that a number of these bugs are sandbox escapes, which would need to be combined with other exploits to achieve a full-chain Firefox compromise”

I stand by my middle view; it’s not marketing hype, but it’s not quite as potent as some people thought.

One other thing to note is that whatever advances there are not necessarily general to many or all domains; we will have to wait and see on that.

Ethan Mollick @emollick

So Mythos was, indeed, not marketing hype. Remember this is a general purpose model that just happens to be good at finding exploits because good models are good at lots of things. Expect similar from OpenAI & Google. And from open models in 8 months. https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

10:44 PM · May 7, 2026 · 439.1K Views
12:54 AM · May 8, 2026 · 43K Views

@emollick my somewhat intermediate take; also re your second paragraph I don’t think we actually know how much bug-detecting-specific harnessing there is. so i am not sure your second sentence will stand the test of time. some data i saw briefly suggest otherwise, but we will have to see.

Gary Marcus @GaryMarcus

My view on Mythos was and is somewhere in between. It’s real, it’s a wakeup call, and it’s not quite what some of the media coverage suggested. • Mythos is not going to allow an 8 year old to accidentally take down a power grid. (Someone writing for the NYT thought that was a real possibility). • The new Mozilla data certainly show that Mythos is better than its predecessors at detecting bugs. • But the UK AI institute’s study showed (and I still think this is true) that well-secured systems are not immediately at risk. • Consistent with all this the Mozilla report notes “Note that a number of these bugs are sandbox escapes, which would need to be combined with other exploits to achieve a full-chain Firefox compromise” I stand by my middle view; it’s not marketing hype, but it’s not quite as potent as some people thought. One other thing to note is that whatever advances there are not necessarily general to many or all domains; we will have to wait and see on that.

12:54 AM · May 8, 2026 · 43K Views
12:55 AM · May 8, 2026 · 6.4K Views

So Mythos was, indeed, not marketing hype.

Remember this is a general purpose model that just happens to be good at finding exploits because good models are good at lots of things. Expect similar from OpenAI & Google. And from open models in 8 months. https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

10:44 PM · May 7, 2026 · 439.1K Views

@tszzl I guess I didn't interpret that as the claim? I think Anthropic has its own ideas of what constitutes a threat, for better or worse - a model finding a large number of exploits. This seems to suggest that Mythos can do this (I do not think it is the only model that can do this)

roon @tszzl

@emollick I mean this is not at all evidence that some post train of Mythos was tooo dangerous for the public

2:05 AM · May 8, 2026 · 21.6K Views
2:36 AM · May 8, 2026 · 16K Views

And also https://www.paloaltonetworks.com/blog/2026/05/frontier-ai-defense/

Ethan Mollick @emollick

So Mythos was, indeed, not marketing hype. Remember this is a general purpose model that just happens to be good at finding exploits because good models are good at lots of things. Expect similar from OpenAI & Google. And from open models in 8 months. https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

10:44 PM · May 7, 2026 · 439.1K Views
9:10 PM · May 8, 2026 · 11.4K Views

@alexalbert__ wowzers

Alex Albert @alexalbert__

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

7:20 PM · May 7, 2026 · 1.2M Views
8:19 PM · May 7, 2026 · 1.6K Views

Post here, including example vulnerabilities and tips for other orgs on how to build in-house harnesses that let you make the most of new models: https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

Helen Toner @hlntnr

One of the things that made the Mythos release hard to interpret is that Anthropic held back details on most vulns they found, to give defenders time to patch. 1 month later, info from orgs with access to Mythos is starting to trickle out, e.g. this post from Mozilla today:

8:03 PM · May 7, 2026 · 224K Views
8:03 PM · May 7, 2026 · 17.2K Views

One of the things that made the Mythos release hard to interpret is that Anthropic held back details on most vulns they found, to give defenders time to patch.

1 month later, info from orgs with access to Mythos is starting to trickle out, e.g. this post from Mozilla today:

8:03 PM · May 7, 2026 · 224K Views

Super interesting, on building their own harness:

Helen Toner @hlntnr

Post here, including example vulnerabilities and tips for other orgs on how to build in-house harnesses that let you make the most of new models: https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

8:03 PM · May 7, 2026 · 17.2K Views
8:04 PM · May 7, 2026 · 17.3K Views

Future historians might say that cybersecurity was unsolvable *until* tools like Mythos came around and plugged all the holes.

Alex Albert @alexalbert__

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

7:20 PM · May 7, 2026 · 1.2M Views
9:06 PM · May 7, 2026 · 324 Views

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

7:20 PM · May 7, 2026 · 1.2M Views

Pulled from this great blog post: https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

Alex Albert @alexalbert__

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

7:20 PM · May 7, 2026 · 1.2M Views
7:20 PM · May 7, 2026 · 50.9K Views

Maybe powerful AI will favor the cyber defense.

Vulnerabilities are finite in number, so if you can fix them all, maybe software just becomes much more secure.

Alex Albert @alexalbert__

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

7:20 PM · May 7, 2026 · 1.2M Views
8:34 PM · May 7, 2026 · 19.3K Views

@emollick Gpt 5.5 is already capable of this

Ethan Mollick @emollick

So Mythos was, indeed, not marketing hype. Remember this is a general purpose model that just happens to be good at finding exploits because good models are good at lots of things. Expect similar from OpenAI & Google. And from open models in 8 months. https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

10:44 PM · May 7, 2026 · 439.1K Views
11:52 PM · May 7, 2026 · 8.6K Views

I'm optimistic this eventually favors defense over offense. We wanted to start this transition cautiously.

I've honestly been inspired by what orgs have been able to do with Mythos. More to come!

Alex Albert @alexalbert__

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

7:20 PM · May 7, 2026 · 1.2M Views
12:07 AM · May 8, 2026 · 44.4K Views

@hendrycks Yeah. That's probably the scenario we think about the most. The entire question is then how to smooth the transition as much as possible.

(which I think could require some unprecedented innovations in security)

Dan Hendrycks @hendrycks

@logangraham Eventually could be a long time, especially in critical infrastructure, much of which is running on Windows 7.

12:50 AM · May 8, 2026 · 1.6K Views
12:56 AM · May 8, 2026 · 885 Views

we need to start working to favor defence over offence already. is there any way to have the over active safety filters not trigger on epidemiological simulations on the hantavirus. or a supply chain attack? let me know!

Logan Graham @logangraham

I'm optimistic this eventually favors defense over offense. We wanted to start this transition cautiously. I've honestly been inspired by what orgs have been able to do with Mythos. More to come!

12:07 AM · May 8, 2026 · 44.4K Views
9:08 PM · May 14, 2026 · 762 Views

Now imagine they had used this knowledge for nefarious purposes.

Kudos to Anthropic, but I really think these high-stakes situations should not rely on "company defies their incentives to do the right thing"

Helen Toner @hlntnr

One of the things that made the Mythos release hard to interpret is that Anthropic held back details on most vulns they found, to give defenders time to patch. 1 month later, info from orgs with access to Mythos is starting to trickle out, e.g. this post from Mozilla today:

8:03 PM · May 7, 2026 · 224K Views
4:38 PM · May 8, 2026 · 2.5K Views

Wow, Mythos is really cooking over at Firefox

Helen Toner @hlntnr

One of the things that made the Mythos release hard to interpret is that Anthropic held back details on most vulns they found, to give defenders time to patch. 1 month later, info from orgs with access to Mythos is starting to trickle out, e.g. this post from Mozilla today:

8:03 PM · May 7, 2026 · 224K Views
1:16 AM · May 8, 2026 · 3.2K Views