Claude AI discovered nearly two dozen vulnerabilities in Firefox, the Mozilla web browser.
Anthropic teamed up with Mozilla to test the security of its browser, allowing its AI tool to probe for vulnerabilities. Read, in part, a blog post from Anthropic:
“Claude Opus 4.6 discovered 22 vulnerabilities over the course of two weeks. Of these, Mozilla assigned 14 as high-severity vulnerabilities—almost a fifth of all high-severity Firefox vulnerabilities that were remediated in 2025. In other words: AI is making it possible to detect severe security vulnerabilities at highly accelerated speeds.”
Anthropic noted that while Claude AI proved adept at identifying vulnerabilities, it was less successful at exploiting them. The researched asked the AI tool to “read and write a local file in a target system, as an attacker would.”
Mashable Light Speed
Claude apps: How Anthropic will integrate Slack, Canva, and more
Wrote Anthropic:
“We ran this test several hundred times with different starting points, spending approximately $4,000 in API credits. Despite this, Opus 4.6 was only able to actually turn the vulnerability into an exploit in two cases. This tells us two things. One, Claude is much better at finding these bugs than it is at exploiting them. Two, the cost of identifying vulnerabilities is an order of magnitude cheaper than creating an exploit for them. However, the fact that Claude could succeed at automatically developing a crude browser exploit, even if only in a few cases, is concerning.”
The whole endeavor showed that AI tools are relatively skilled at identifying vulnerabilities in open-source projects. Anthropic, obviously, is pitching Claude as a tool in preventing these vulnerabilities from being exploited.
Want to learn more about getting the best out of your tech? Sign up for Mashable’s Top Stories and Deals newsletters today.
