Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks

In a recent security partnership with Mozilla, Anthropic found 22 separate vulnerabilities in Firefox — 14 of them classified as “high-severity.” Most of the bugs have been fixed in Firefox 148 (the version released this February), although a few fixes will have to wait for the next release.

Anthropic’s team used Claude Opus 4.6 over the span of two weeks, starting in the JavaScript engine and then expanding to other portions of the codebase. According to the post, the team focused on Firefox because “it’s both a complex codebase and one of the most well-tested and secure open-source projects in the world.”

Notably, Claude Opus was much better at finding vulnerabilities than writing software to exploit them. The team ended up spending $4,000 in API credits trying to concoct proof-of-concept exploits, but only succeeded in two cases.

Still, it’s a reminder of how powerful AI tools can be for open source projects — even if they bring a flood of bad merge requests alongside the useful ones.

Actively scaling? Fundraising? Planning your next launch? TechCrunch Founder Summit 2026 delivers tactical playbooks and direct access to 1,000+ founders and investors who are building, backing, and closing. Register by March 13 to save up to $300.

Subscribe for the industry’s biggest tech news

Apps Claude’s consumer growth surge continues after Pentagon deal debacle Sarah Perez 9 hours ago

Claude’s consumer growth surge continues after Pentagon deal debacle

Government & Policy Anthropic to challenge DOD’s supply-chain label in court Rebecca Bellan 1 day ago

Anthropic to challenge DOD’s supply-chain label in court

Government & Policy It’s official: The Pentagon has labeled Anthropic a supply-chain risk Rebecca Bellan 1 day ago

It’s official: The Pentagon has labeled Anthropic a supply-chain risk

AI Microsoft, Google, Amazon say Anthropic Claude remains available to non-defense customers Julie Bort Rebecca Bellan 7 hours ago

Microsoft, Google, Amazon say Anthropic Claude remains available to non-defense customers

In Brief Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks Russell Brandom 8 hours ago

Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks

Startups Anthropic’s Pentagon deal is a cautionary tale for startups chasing federal contracts Theresa Loconsolo 9 hours ago 33 min

Anthropic’s Pentagon deal is a cautionary tale for startups chasing federal contracts