Son Dakika
ARمجلس حقوق الإنسان يدين تصاعد العنف في الأبيض ويطالب بوقف فوري لهجوم الدعم السريعARالاتحاد البلجيكي يستأنف ضد مشاركة بالوغون أمام المغربARبولندا تحمي نفسها من التصعيد المحتمل عبر إثارة نزاع مع أوكرانياARترمب: واشنطن لا تتطلع لتغيير النظام في إيران.. ونتنياهو يزعم رغبة قرى لبنانية في الانضمام لإسرائيلARالديمقراطيون يخططون للتحقيق في ثروة ترمب المتنامية عبر العملات المشفرةARالديمقراطيون يخططون لتحقيقات برلمانية في أنشطة ترمب المالية بعد إعلان أرباحه الضخمةARديوكوفيتش وأوساكا يتصدران منافسات ويمبلدون، وأموريم مدرباً لميلان، وفيفا يرفض طعن بلجيكاARحماس تحل "لجنتها الحكومية" في غزة، و"مجلس السلام" يشدد على "سلطة واحدة وسلاح واحد"ARروسيا تشن هجوماً صاروخياً واسعاً على كييف ومدن أوكرانية أخرىARهجمات في السودان تدمر قرى وتهجر آلاف، والمعارضة الموريتانية تنتقد الحكومةARمجلس حقوق الإنسان يدين تصاعد العنف في الأبيض ويطالب بوقف فوري لهجوم الدعم السريعARالاتحاد البلجيكي يستأنف ضد مشاركة بالوغون أمام المغربARبولندا تحمي نفسها من التصعيد المحتمل عبر إثارة نزاع مع أوكرانياARترمب: واشنطن لا تتطلع لتغيير النظام في إيران.. ونتنياهو يزعم رغبة قرى لبنانية في الانضمام لإسرائيلARالديمقراطيون يخططون للتحقيق في ثروة ترمب المتنامية عبر العملات المشفرةARالديمقراطيون يخططون لتحقيقات برلمانية في أنشطة ترمب المالية بعد إعلان أرباحه الضخمةARديوكوفيتش وأوساكا يتصدران منافسات ويمبلدون، وأموريم مدرباً لميلان، وفيفا يرفض طعن بلجيكاARحماس تحل "لجنتها الحكومية" في غزة، و"مجلس السلام" يشدد على "سلطة واحدة وسلاح واحد"ARروسيا تشن هجوماً صاروخياً واسعاً على كييف ومدن أوكرانية أخرىARهجمات في السودان تدمر قرى وتهجر آلاف، والمعارضة الموريتانية تنتقد الحكومة
Newsgather
GeriMozilla AI Test Finds 271 Firefox Vulnerabilities in Anthropic Claude Mythos Trial
Mozilla AI Test Finds 271 Firefox Vulnerabilities in Anthropic Claude Mythos Trial
Gelişiyor
Decrypt22.04.2026Teknoloji3 dk okuma

Mozilla AI Test Finds 271 Firefox Vulnerabilities in Anthropic Claude Mythos Trial

Early version of Anthropic's Claude Mythos identified bugs that were patched this week, highlighting AI's potential to shift cybersecurity advantage toward defenders

Hızlı Bakış

  • Mozilla testing of Anthropic's Claude Mythos AI identified 271 vulnerabilities in Firefox, all patched this week.
  • The results demonstrate how advanced AI systems can analyze large codebases and find weaknesses previously requiring extensive manual review.
  • The AI was also found to autonomously execute complex cyber operations, prompting interest from governments and intelligence agencies including the NSA.

Yapay zekâ özeti

Neden Önemli?

For decades, cybersecurity has been characterized by attackers having the advantage over defenders due to the asymmetry of finding vulnerabilities being easier than patching them. Mozilla's testing suggests AI could fundamentally alter this dynamic by enabling mass discovery of vulnerabilities before exploitation.

Yazı boyutu

For decades, attackers have had the advantage in cybersecurity. Artificial intelligence may be about to change that. In a blog post published on Tuesday, Firefox browser developer Mozilla said an early version of Anthropic's Claude Mythos AI—which has drawn attention in recent weeks for its purported cybersecurity prowess—model helped identify 271 vulnerabilities in the browser during internal testing. Those bugs were patched this week. The results highlight how advanced AI systems can analyze large codebases and locate weaknesses that previously required extensive manual review by human cybersecurity researchers. "As these capabilities reach the hands of more defenders, many other teams are now experiencing the same vertigo we did when the findings first came into focus," Mozilla wrote. "For a hardened target, just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it's even possible to keep up." Mozilla had earlier tested another Anthropic model that identified 22 security-sensitive bugs in a previous Firefox release. Despite these successes, Mozilla acknowledged that the cybersecurity industry has long treated the complete elimination of software exploits as an "unrealistic goal." "Until now, the industry has largely fought security to a draw," the company wrote. "Vendors of critical internet-exposed software like Firefox take security extremely seriously and have teams of people who get out of bed every morning thinking about how to keep users safe." Mozilla said the new AI system can analyze source code and identify vulnerabilities in ways that previously depended on scarce human expertise. However, Mozilla said the company was encouraged to see that no bugs were found that couldn't have been discovered by "an elite human researcher." "Some commentators predict that future AI models will unearth entirely new forms of vulnerabilities that defy our current comprehension, but we don't think so," they said. "Software like Firefox is designed in a modular way for humans to be able to reason about its correctness. It is complex, but not arbitrarily complex." The results, however, suggest AI tools could allow developers to uncover large numbers of vulnerabilities before attackers exploit them—though conversely, in the wrong hands, it could spell big trouble for software firms and users alike. Launched in March, Mythos is Anthropic's most advanced model for reasoning, coding, and cybersecurity tasks. Internal company materials describe the system as part of a new model tier beyond the company's earlier Opus series. Testing conducted before the model's release showed it could identify thousands of previously unknown vulnerabilities across major operating systems and web browsers. Anthropic has limited access to the system through a restricted program called Project Glasswing, which gives select technology companies—including Amazon, Apple, and Microsoft—the ability to use the model to scan software for weaknesses. It reflects a growing effort within the cybersecurity industry to use AI systems to identify and patch vulnerabilities before attackers can exploit them. However, the same technology could also enable new forms of cyberattacks. Security researchers say AI systems capable of analyzing code at scale could automate the discovery of exploitable vulnerabilities across widely used software. After the launch of Mythos, testing by the U.K.'s AI Security Institute found that the AI could autonomously execute complex cyber operations, including completing a multi-stage corporate network attack simulation without human assistance. Those capabilities have drawn attention from governments and intelligence agencies alike. Despite a call from President Donald Trump's administration to stop using Anthropic's technology due to a clash over its use in war and surveillance matters, on Monday, the National Security Agency was revealed to be running Claude Mythos Preview on classified networks, according to sources familiar with the deployment. The use of Mythos underscores the growing interest among U.S. security agencies in the model's ability to identify critical software vulnerabilities. The model's performance has also exposed limits in existing AI evaluation systems. Earlier this month, Anthropic acknowledged that several cybersecurity benchmarks are no longer sufficient to measure the capabilities of its newest models. Mozilla said the results point to a potential shift in cybersecurity, where defenders may begin to close the long-standing advantage attackers have held. "We are extremely proud of how our team rose to meet this challenge, and others will too," Mozilla wrote. "Our work isn't finished, but we've turned the corner and can glimpse a future much better than just keeping up. Defenders finally have a chance to win, decisively."

Bundan Sonra Ne Olabilir?

Yapay zekâ öngörüsü — kesinlik taşımaz

  • More software companies will adopt AI vulnerability scanning tools within the next 6 months

    Çok muhtemel · Aylar içinde

  • Government regulations on AI cybersecurity tools will be proposed within the year

    Muhtemel · Aylar içinde

Açık Sorular

  • Will AI truly discover new classes of vulnerabilities or just find existing ones faster?
  • How will governments regulate AI-powered vulnerability discovery?
  • Can AI-generated vulnerabilities be as easily patched as human-discovered ones?

İlgili Konular

Bu haber ilk olarak şurada yayınlandı: Decrypt.

İlgili Haberler

Bu konuda daha fazlaanthropic