Anthropic Claude Finds 22 Firefox Security Bugs in 2 Weeks

⬤ A recent collaboration between Anthropic and Mozilla shows how AI is being put to work in real cybersecurity research. As Anthropic reported, the two companies teamed up to see whether the Claude Opus 4.6 model could spot vulnerabilities inside the Firefox browser codebase. Over just two weeks, Claude uncovered 22 previously unknown security flaws, proving that advanced AI can find critical software issues faster than traditional manual review. These results reinforce the shift happening across engineering, as detailed in Anthropic's own research on AI exposure among programmers.

⬤ Of those 22 discoveries, 14 were classified as high-severity, representing close to one-fifth of all high-severity Firefox bugs that Mozilla addressed throughout all of 2025. Mozilla engineers reviewed every report, confirmed the findings, and folded them into their standard security patching process. The scale of these results reflects the broader enterprise momentum Claude has built, as the model continues to take on more demanding technical workloads.

⬤ Data from the announcement shows Firefox vulnerability discovery across 2025 and into early 2026. Monthly counts ran roughly between 9 and 20 CVEs for most of the year. Then February 2026 spiked sharply to 52 vulnerabilities in a single month, with 22 of those directly attributed to the Claude Opus 4.6 experiment. High-severity bugs made up the largest share of that February total, underlining just how significant this AI-driven testing run turned out to be.

⬤ This project is a clear signal that frontier AI models are moving well beyond chat interfaces and into practical engineering pipelines. Automated code analysis can scan massive software repositories and surface subtle flaws that might sit undetected for years. As AI-assisted security research matures, tools like Claude may become a standard part of how major platforms keep browsers and other widely used software safe and resilient.