Claude Mythos Discovers 271 Security Bugs in Firefox

The internet has a dirty secret: the software we all use every day is riddled with ancient bugs that nobody ever found. Not because nobody looked, but because finding them required a level of human expertise so rare and expensive that most attackers couldn’t afford it either.

But that changed with Claud Mythos.

Firefox 150 released this week patches for 271 vulnerabilities found using Anthropic’s Claude Mythos Preview, a powerful new AI model that Anthropic has quietly been giving to a small group of companies to hunt down security flaws before the bad guys do. 

The project is called Project Glasswing, and it’s essentially a coordinated race to patch the internet before AI-powered hacking becomes cheap and accessible.

Here’s the short version of what Mythos can do:

• Found thousands of zero-day vulnerabilities (flaws unknown even to the software’s own developers) across every major operating system and browser
• Discovered a 27-year-old bug in OpenBSD, a system specifically designed to be hard to hack
• Found a 16-year-old flaw in FFmpeg, a video tool that automated scanners had checked five million times without flagging anything
• Developed a browser exploit that chained four vulnerabilities together to escape both the browser sandbox and the operating system itself
• Scored 90x better than Anthropic’s previous best model at writing working exploits for Firefox vulnerabilities

For context: In 2025, finding just one bug like this would have been a red alert. Firefox just patched 271 of them in a single release.

Why this matters for you

Mythos wasn’t specifically trained to hack.

These capabilities emerged as a side effect of improving at coding. Anthropic’s own team put it plainly that the same improvements that make the model better at fixing vulnerabilities also make it better at exploiting them. Which is exactly why Anthropic is not releasing it to the public.

Firefox’s CTO said plainly that every piece of software will have to undergo this kind of security overhaul, because bugs that were previously too hard to find are now discoverable by anyone with access to a model like this.

The window to patch before attackers gain access to similar tools is measured in months, not years. Project Glasswing is the industry’s attempt to make the most of that window.

Editor’s note: This content originally ran in the newsletter of our sister publication, The Neuron. To read more from The Neuron, sign up for its newsletter here.