## AI Finds Hundreds of Zero-Days in Firefox The **Firefox** team recently disclosed an impressive feat of security engineering: the discovery and patching of 271 zero-day vulnerabilities in **Firefox 150**. This was achieved through a collaboration with **Anthropic**, utilizing an early version of their **Claude Mythos Preview** AI model. > Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser. We wrote previously about our collaboration with Anthropic to scan Firefox with Opus 4.6, which led to fixes for 22 security-sensitive bugs in Firefox 148. > As part of our continued collaboration with Anthropic, we had the opportunity to apply an early version of Claude Mythos Preview to Firefox. This week’s release of Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation. According to **Mozilla**, the sheer volume of vulnerabilities initially caused “vertigo,” but the team managed to reprioritize and address the issues effectively. This highlights the potential for AI to significantly enhance vulnerability detection in complex software. > As these capabilities reach the hands of more defenders, many other teams are now experiencing the same vertigo we did when the findings first came into focus. For a hardened target, just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up. > Our experience is a hopeful one for teams who shake off the vertigo and get to work. You may need to reprioritize everything else to bring relentless and single-minded focus to the task, but there is light at the end of the tunnel. We are extremely proud of how our team rose to meet this challenge, and others will too. Our work isn’t finished, but we’ve turned the corner and can glimpse a future much better than just keeping up. **Defenders finally have a chance to win, decisively.** ## Implications for Security This event underscores the growing importance of AI in cybersecurity. While AI can be used offensively, this example demonstrates its powerful defensive capabilities. The ability to identify and remediate a large number of zero-day vulnerabilities before they can be exploited is a significant win for defenders, assuming that patches are applied promptly. As **Mozilla** notes, this technology favors defenders who can quickly patch and distribute updates to users. This proactive approach represents a shift in the cybersecurity landscape, offering a glimpse into a future where AI-driven security measures play a crucial role in protecting software and users.