Mozilla used Anthropic's Claude Mythos to fix 423 Firefox bugs in 30 days — including a 20-year-old flaw that survived decades of testing!

Mozilla's April Firefox security push delivered 423 bug fixes in a single month after the team gained access to Anthropic's Claude Mythos Preview — a volume that eclipses the roughly 420 fixes shipped across the previous 14 months combined. The compression is the story: AI-assisted discovery did in 30 days what conventional testing, fuzzing, and manual review couldn't do in over a year inside one of the most scrutinized browser codebases on the planet.

The disclosed bugs illustrate the depth of latent risk. Bug 2025977 was a 20-year-old XSLT reentrancy flaw capable of freeing backing storage and leaving a raw pointer in use. Bug 2024437 was a 15-year-old HTML legend-element defect. Of the 271 bugs fixed in Firefox 150 alone, 180 were rated sec-high — meaning they can be triggered by ordinary browsing, such as visiting a web page. The sample also included WebAssembly GC primitives with…