Mozilla’s Mythos Test: 271 Firefox 150 Bugs Show AI Finds Far More — But Creates Remediation and Governance Strain
Mozilla’s early access work with Anthropic’s Mythos model turned up 271 vulnerabilities in Firefox 150 — more than ten times the 22 issues Anthropic’s Opus 4.6 flagged in Firefox 148 — demonstrating a sharp jump in discovery rate that has immediate operational consequences for maintainers and defenders.
What Mythos actually revealed in Firefox
Mythos autonomously surfaced a wide spectrum of issues in Firefox 150, including decade-old defects and sandbox-escape chains that require multi-step exploitation to reach critical impact. Mozilla’s security team recorded 271 findings but assigned public CVEs to only three; many of the rest were lower-severity or defense‑in‑depth problems that nonetheless reduce future attack surface.
Mozilla CTO Bobby Holley has stressed that Mythos did not invent new vulnerability classes — it accelerated the discovery of existing bug types and creatively chained medium- and low-severity flaws into exploit paths. That creative chaining is the notable capability shift compared with earlier automated tools such as Opus 4.6 or traditional fuzzers, which often produced large numbers of false positives or missed exploit sequences.
Why faster discovery does not mean faster fixes
For Mozilla, Mythos increased detection velocity but left human engineers responsible for validation, triage, and patch delivery — tasks that still consume most of the remediation effort. Anthropic’s model found bugs autonomously, but AI-generated patches remain unreliable for direct deployment, so security teams must allocate engineering time to build, review, and test fixes.
That human dependency creates a capacity bottleneck that hits volunteer‑maintained and small open source projects especially hard. Mozilla has warned that smaller projects without steady maintainers could be overwhelmed if AI scanning becomes widespread, since the cost of accepting more findings is measured in developer-hours, not just in detection metrics.
Access control, dual‑use risk, and who gets Mythos
Anthropic has limited Mythos access through Project Glasswing, a consortium that includes major tech and cybersecurity firms, to manage the dual‑use risks of a tool that can help both defenders and attackers. Reports of unauthorized access attempts and leaks tied to early deployments underline why Anthropic and partners have emphasized gated rollouts, audit logging, and strict usage policies.
| Actor | Capacity to absorb findings | Immediate governance checkpoint |
|---|---|---|
| Large vendors (e.g., Mozilla) | High engineering capacity but limited by release cycles | Integrate AI outputs into existing triage pipelines and accelerate patch cadence |
| Volunteer/Small OSS | Low; risk of backlog and project abandonment | Adopt shared triage resources, vendor partnerships, or selective scanning |
| Adversaries | Potentially high if leaked access occurs | Monitor for signs of model abuse; protect chains of custody and access logs |
Operational checkpoints for teams deciding whether to adopt AI scanners
Teams should treat Mythos‑class models as amplifiers: they increase the volume and exploitability of findings but do not remove the need for engineering labor or governance controls. Security leaders at organizations using Mythos report integrating its output into continuous integration pipelines only after establishing triage SLAs, clear ownership for patches, and metrics for time‑to‑fix.
Three practical checks before rolling out AI-assisted discovery: verify you have staff or partners committed to triage within a fixed SLA; ensure access is gated and logged (the Project Glasswing approach); and instrument dependencies so third‑party components discovered by the model can be tracked and patched upstream.
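The first of those checks, triage within a fixed SLA, is only enforceable if findings are tracked against a clock. The script below is an added illustration, not code from Mozilla, Anthropic or Project Glasswing: it takes a list of constructed findings with severity, report date and (optional) fix date, classifies each against an assumed per-severity SLA, reports the breached and soon-to-breach backlog, and converts the open count into the maintainer-weeks the page argues is the real cost. The SLA thresholds, finding IDs, dates and hours-per-fix figures are all assumptions chosen for the example.

```python
from dataclasses import dataclass
from datetime import datetime
from statistics import median
from typing import Dict, List, Optional

# Remediation SLA per severity, in calendar days. These thresholds are assumed
# for illustration; they are not Mozilla's or Anthropic's published policy.
SLA_DAYS: Dict[str, int] = {"critical": 7, "high": 30, "medium": 90, "low": 180}


@dataclass
class Finding:
    finding_id: str
    severity: str
    reported: datetime
    fixed: Optional[datetime] = None  # None means the finding is still open


def elapsed_days(f: Finding, now: datetime) -> int:
    """Days from report to fix, or from report to `now` if still open."""
    return ((f.fixed or now) - f.reported).days


def sla_status(f: Finding, now: datetime) -> str:
    """met/missed for fixed findings; open/breached for unfixed ones."""
    limit = SLA_DAYS[f.severity]
    elapsed = elapsed_days(f, now)
    if f.fixed is not None:
        return "met" if elapsed <= limit else "missed"
    return "breached" if elapsed > limit else "open"


def triage_report(findings: List[Finding], now: datetime, due_soon_days: int = 3) -> dict:
    """Summarise SLA state: counts, breached IDs, IDs about to breach, median time-to-fix."""
    counts = {"met": 0, "missed": 0, "breached": 0, "open": 0}
    breached, due_soon, fix_times = [], [], []
    for f in findings:
        status = sla_status(f, now)
        counts[status] += 1
        if status == "breached":
            breached.append(f.finding_id)
        elif status == "open" and SLA_DAYS[f.severity] - elapsed_days(f, now) <= due_soon_days:
            due_soon.append(f.finding_id)
        elif status in ("met", "missed"):
            fix_times.append(elapsed_days(f, now))
    return {
        "counts": counts,
        "breached_ids": breached,
        "due_soon_ids": due_soon,
        "median_days_to_fix": median(fix_times) if fix_times else None,
    }


def weeks_to_clear(open_findings: int, hours_per_fix: float, hours_per_week: float) -> float:
    """Rough backlog estimate: maintainer-weeks to build, review and test every open fix."""
    return open_findings * hours_per_fix / hours_per_week


# Constructed sample findings: IDs, severities and dates are made up for the example.
SAMPLE: List[Finding] = [
    Finding("F-001", "critical", datetime(2025, 6, 1), datetime(2025, 6, 5)),   # fixed in 4 days
    Finding("F-002", "high", datetime(2025, 4, 1), datetime(2025, 5, 15)),      # fixed in 44 days, over SLA
    Finding("F-003", "medium", datetime(2025, 2, 1)),                           # open 149 days, breached
    Finding("F-004", "low", datetime(2025, 6, 20)),                             # open 10 days, within SLA
    Finding("F-005", "critical", datetime(2025, 6, 25)),                        # open 5 days, 2 days left
]
NOW = datetime(2025, 6, 30)

if __name__ == "__main__":
    report = triage_report(SAMPLE, NOW)
    print(report)
    # Assumed capacity: 6 engineer-hours per fix, 4 volunteer hours per week.
    print("weeks to clear open backlog:", weeks_to_clear(report["counts"]["open"] + report["counts"]["breached"], 6.0, 4.0))
```

The `weeks_to_clear` figure is the number to put in front of a sponsor or partner before turning on continuous scanning: if a scanner raises the open count faster than that estimate shrinks, the project is accumulating the backlog the page warns about rather than reducing attack surface.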
Common questions
When is AI scanning worth it for a small project? Only if the project can guarantee timely triage or has an agreement with a sponsor to develop fixes; otherwise selective or periodic scans are safer than constant automated discovery.
How should organizations control Mythos‑level access? Use consortium‑style or enterprise gating, strong authentication, and active monitoring of queries and outputs, because leaked model access can immediately shift advantage to attackers.
What’s the next checkpoint to watch? Track adoption rates across smaller open source projects and measure whether time‑to‑patch shortens in public repositories; Mozilla’s rollout around Firefox 150 will be an early data point for that test.