Anthropic says its partnership with Mozilla helped Claude Opus 4.6 find 22 Firefox vulnerabilities in two weeks, including 14 high-severity bugs, around a fifth of Mozilla’s 2025 high-severity fixes

AI model identified a fifth of Mozilla's 2025 high-severity fixes in just two weeks of testing.

Deep Dive

Anthropic has announced the results of a groundbreaking security research partnership with Mozilla, revealing that its Claude Opus 4.6 model successfully identified 22 vulnerabilities in the Firefox web browser's codebase over a two-week testing period. The collaboration, detailed in an official Anthropic blog post, specifically tasked the AI with auditing Firefox's Rust code for security flaws. The findings were significant: 14 of the discovered bugs were classified as high-severity, representing approximately one-fifth of all the high-severity fixes Mozilla had planned for its 2025 security roadmap. This rapid discovery rate showcases the potential for AI-assisted code review to dramatically accelerate vulnerability detection in complex, real-world software projects.

Technically, the exercise demonstrated Claude's ability to perform contextual reasoning across large codebases, understanding both the syntax of Rust and the security implications of specific code patterns. Anthropic emphasized that this was not a fully automated audit but a collaborative effort where AI-generated findings were validated by human security engineers. The implications are substantial for the software development lifecycle, suggesting that integrating LLMs into security review pipelines could help organizations identify critical vulnerabilities earlier and more efficiently. Looking ahead, both companies plan to continue exploring how AI can enhance software security, with potential applications ranging from automated patch generation to proactive threat modeling.

Key Points
  • Claude Opus 4.6 identified 22 total vulnerabilities in Firefox's Rust code in two weeks
  • 14 of the found bugs were high-severity, constituting ~20% of Mozilla's 2025 high-severity fix plan
  • The partnership validates AI's role in accelerating security audits and enterprise code review

Why It Matters

Demonstrates AI can drastically speed up vulnerability discovery, making software significantly more secure for end-users.