A Game Defined by Asymmetry

For decades, cybersecurity has been a game defined by asymmetry. Attackers need to find just one flaw; defenders must guard every inch. Defenders have always been on the back foot, patching vulnerabilities reactively, often discovering bugs only after they have been exploited. That dynamic may be about to change — and a browser most of us use every day is the clearest proof of it.

When Anthropic unveiled its Claude Mythos model in early April 2026, it did so with an unusual and sobering caveat: the model was so potent at sniffing out software vulnerabilities that the company deemed it too dangerous to release to the general public. That warning wasn’t abstract. It was grounded in numbers — thousands of high-severity bugs found across critical software, many lurking undetected for years, some for more than a decade. Mozilla’s Firefox browser became the most prominent case study, and the story of what happened there offers a rare, detailed look at what this moment means for the security of the software we all depend on.

A Model Born From General Intelligence, Not Special Training

One of the most striking revelations about Mythos is how its security capabilities came to be. Anthropic did not deliberately engineer the model to hunt vulnerabilities. Instead, as the company explained in a detailed technical post on its red-teaming blog, these capabilities emerged as a side effect of broader improvements in code reasoning, autonomy, and general intelligence. The same qualities that make Mythos a better programmer and a stronger reasoner also make it a formidable security analyst.

The approach Anthropic’s researchers used was almost deliberately simple: spin up an isolated container with the target codebase, invoke Claude Code with Mythos Preview, and issue a prompt that amounts to “Please find a security vulnerability in this program.” From there, the model was left to its own devices — reading code, forming hypotheses, running the actual software to confirm or rule out guesses, and iterating autonomously. No elaborate scaffolding. No specialized tooling. Just a powerful general reasoner let loose on a codebase.

The results were stark. When an earlier Anthropic model was applied to Firefox, it surfaced around 20 vulnerabilities. Mythos found nearly 300.

Firefox 150: A Patching Sprint Unlike Any Other

The practical impact of Mythos landed most visibly in Firefox 150, released in April 2026. Mozilla’s security team confirmed that 271 security-sensitive bugs identified by Mythos had been patched in that release — a volume of fixes that would typically take years of manual research and millions of automated fuzz-testing cycles to accumulate.

What made this more than just a big number was the nature of the bugs themselves. Many had been hiding in Firefox’s foundational components — its media playback systems, data storage mechanisms, and JavaScript engine — for years, some for well over a decade. These were not shallow bugs that a cursory audit would catch. They were deep, structural vulnerabilities that had survived countless security reviews precisely because no tool or human team had the combination of code comprehension and creative hypothesis-generation needed to surface them.

Why Previous AI Tools Fell Short

To appreciate what Mythos has changed, it helps to understand why earlier AI-based security tools were more headache than help. Until recently, AI bug-finding systems had a notorious problem with false positives — they would flood security teams with low-quality reports, most of which turned out to be non-issues. The human cost of triaging hundreds of dead-end alerts often outweighed whatever genuine vulnerabilities the tools happened to find.

Mythos operates differently. Rather than brute-forcing its way through code with random inputs, it reasons about code the way an experienced security researcher would. It reads a codebase, builds a mental model of how the software is supposed to work, identifies places where that model might break down, and tests its hypotheses by actually running the code. When Anthropic sent Mozilla 112 bugs found by an earlier model, every single one was confirmed as a true positive. The false positive rate was zero.

The Exploit Gap — And How Fast It Closed

Perhaps the most alarming data point to emerge from Mythos research involves not vulnerability discovery, but exploitation. Finding a bug and turning it into a working attack are two very different skills. Until recently, AI models were much better at the former than the latter.

[Figure: Exploit development, Opus 4.6 vs. Mythos Preview. Panels: Opus 4.6 working exploits out of hundreds of attempts; Mythos Preview working exploits in the same benchmark (181×).]

That gap — from 2 successes to 181, in the span of one model generation — is the number that has rattled security professionals most. It suggests that the window in which AI is useful primarily to defenders is narrowing faster than many anticipated. Anthropic CEO Dario Amodei put a timeline on it: adversarial AI systems from geopolitical competitors are roughly six to twelve months behind Mythos. That, he argued at a May financial services event with JPMorgan Chase CEO Jamie Dimon, is the window available to patch the thousands of vulnerabilities Mythos has already found — before similar capabilities become available to attackers.

Project Glasswing: Controlled Access as a Security Strategy

Rather than releasing Mythos broadly, Anthropic launched Project Glasswing — a coordinated effort to give vetted organizations early access to the model specifically to harden their software before its capabilities become widely available. Mozilla’s engagement with Mythos was part of this program, as were deployments at Amazon, Apple, and Microsoft, among others.

The logic behind Glasswing is straightforward: if Mythos can find and exploit vulnerabilities, then the safest course is to ensure defenders use it first, patching holes before malicious actors discover them independently. It is a race, and Glasswing is Anthropic’s attempt to give the good guys a head start. Critics have noted that with access spanning fifty large organizations, keeping exploit knowledge fully contained is optimistic. But Anthropic has been careful to follow responsible disclosure norms, coordinating with software developers before any findings become public.

The Human Engineer Remains Essential — For Now

Despite the scale of what Mythos has accomplished, Mozilla’s team has been clear about what AI is not yet doing: writing the patches itself. Every one of the 271 fixed bugs required a human engineer to write the fix and another to review it. Mythos does generate code suggestions for patches, and those suggestions are useful as a starting point, but they cannot be deployed directly. “For the bugs we’re talking about in this post, every single one is one engineer writing a patch and one engineer reviewing it. We have not found it to be automatable,” the Mozilla security lead noted.

That caveat matters for two reasons. First, the bottleneck in the Mythos-assisted security pipeline is still human capacity — the model can find bugs faster than teams can fix them, creating risk during the gap. Second, it sets a benchmark for what comes next. If a future model closes the patch-writing gap the way Mythos closed the exploitation gap, the shape of software security work will change in ways that are genuinely hard to predict.

A Watershed — With Unfinished Business

One month on from Mythos’s preview, the picture is incomplete. Most of the vulnerabilities the model has found across software beyond Firefox have not yet been publicly disclosed because they remain unpatched. The rate at which the broader software industry can absorb and act on Mythos-generated findings will determine much of how the next phase unfolds.

What is clear is that the moment is real. Firefox 150 is measurably more secure than it would have been without Mythos. Bugs that had survived a decade of human scrutiny and conventional automated testing are now fixed. And the techniques that produced those results are not standing still — they improve with every model generation.

For users, the immediate news is good: the browser they open every day is safer. For the security industry, the message is more complicated. The tools that allow defenders to gain ground are the same tools that, in other hands, could accelerate attacks in ways the field has not had to contend with before. The question of who gets access to those tools, and when, is no longer theoretical.

Anthropic’s Mythos has not just helped fix Firefox. It has drawn a bright line between the era of cybersecurity that preceded it and whatever comes next.