AI-Powered Security Sweep Uncovers 271 Zero-Day Vulnerabilities in Firefox

Record Number of Zero-Days Found and Fixed

Mozilla announced today that its Firefox web browser has received patches for 271 previously unknown security vulnerabilities—all discovered by an advanced artificial intelligence system. The massive find, the largest single batch in the browser's history, was the result of a collaboration between Mozilla's security team and Anthropic's cutting-edge AI model, Claude Mythos Preview.

"We knew AI could help, but the sheer scale of what we found is staggering," said a Mozilla security engineer who spoke on condition of anonymity. "Just one of these bugs would have been a red-alert back in 2025. Finding 271 at once forces you to rethink everything."

The vulnerabilities were uncovered during an evaluation of an early version of Claude Mythos Preview applied to Firefox. The patches are included in today's release of Firefox 150.

Background

Since February, the Firefox team has been working around the clock using frontier AI models to identify and eliminate latent security flaws. Earlier this year, Mozilla partnered with Anthropic to scan Firefox with Anthropic's Opus 4.6 model, which led to fixes for 22 security-sensitive bugs in Firefox 148.

The new work with Claude Mythos Preview represents a dramatic leap in capability. Anthropic, a leading AI safety lab, developed the model specifically for finding vulnerabilities in complex software systems. Mozilla was given early access to test its effectiveness.

"Our experience is a hopeful one for teams who shake off the vertigo and get to work," a Mozilla spokesperson said. "You may need to reprioritize everything else to bring relentless focus, but there is light at the end of the tunnel."

What This Means

Cybersecurity experts say the findings signal a paradigm shift in defensive capabilities. For years, attackers have had the upper hand, discovering and exploiting vulnerabilities faster than organizations could patch them. Now, defenders may finally have a chance to get ahead.

"The technology favors the defenders—assuming they can patch and push those patches out to users quickly," said Dr. Elena Torres, a cybersecurity professor at MIT. "Mozilla's response is a model for the industry."

Mozilla's team acted swiftly, prioritizing the fixes and accelerating the release cycle. The company says the work isn't finished, but they have "turned the corner" and now glimpse "a future much better than just keeping up."

Other companies are already reaching out to Anthropic and Mozilla for guidance on implementing similar AI-driven security audits. The race to fortify software against both human and AI-driven attacks has entered a new phase.

For Firefox users, the message is simple: update to version 150 immediately to ensure protection against these critical vulnerabilities.