Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
In a recent security partnership with Mozilla, I found Anthropic 22 separate vulnerabilities In Firefox – 14 of them are rated as “High Risk”. Most bugs have been fixed in Firefox 148 (version released in February), although you will have to wait for some fixes until the next release.
The Anthropic team used Claude Opus version 4.6 over the course of two weeks, starting with the JavaScript engine and then expanding to other parts of the code base. According to the post, the team focused on Firefox because it is “a complex code base and one of the most well-tested and secure open source projects in the world.”
Notably, Claude Opus was much better at finding vulnerabilities than writing programs to exploit them. The team ended up spending $4,000 in API credits trying to fabricate proof-of-concept exploits, but was successful in only two cases.
However, it serves as a reminder of how powerful AI tools can be in open source projects – if they even exist A flood of bad merge requests In addition to the useful.