Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks


In a recent security partnership with Mozilla, Anthropic found 22 separate vulnerabilities in Firefox — 14 of them classified as “high-severity.” Most of the bugs have been fixed in Firefox 148 (the version released this February), though a few fixes will have to wait for the next release.

Anthropic’s team used Claude Opus 4.6 over the span of two weeks, starting in the JavaScript engine and then expanding to other portions of the codebase. According to the post, the team focused on Firefox because “it’s both a complex codebase and one of the most well-tested and secure open-source projects in the world.”

Notably, Claude Opus was much better at finding vulnerabilities than writing software to exploit them. The team ended up spending $4,000 in API credits trying to concoct proof-of-concept exploits, but only succeeded in two cases.

Still, it’s a reminder of how powerful AI tools can be for open-source projects — even if they bring a flood of bad merge requests alongside the useful ones.
