AI Security Audit: Anthropic’s Claude Discovers 22 Vulnerabilities in Firefox

Artificial intelligence is beginning to play a more visible role in cybersecurity research. In a recent collaboration between Anthropic and Mozilla, the AI model Claude Opus helped identify 22 separate security vulnerabilities in the Mozilla Firefox codebase during a two-week testing project.

Out of the 22 issues discovered, 14 were classified as high-severity vulnerabilities. Most of them have already been patched in Firefox 148, released earlier this year, while a small number of fixes are scheduled to arrive in upcoming updates. The project demonstrates how AI systems can assist security teams in reviewing complex software environments.

Anthropic’s researchers began their investigation with Firefox’s JavaScript engine before gradually expanding their analysis to other parts of the browser’s codebase. Firefox was selected intentionally because it represents one of the most mature and thoroughly tested open-source projects available today, making it an ideal environment for evaluating the effectiveness of AI-assisted vulnerability discovery.

Interestingly, while Claude proved highly capable at identifying potential security flaws, it was far less successful at developing working exploits for those vulnerabilities. Anthropic reported spending roughly $4,000 in API credits attempting to generate proof-of-concept exploits, with successful results in only two cases.

Even so, the experiment highlights the growing potential of AI as a cybersecurity tool. For open-source ecosystems in particular, AI-driven analysis could significantly accelerate vulnerability discovery — although it may also increase the volume of automated bug reports and low-quality contributions that maintainers need to review.

Control F5 Team
Blog Editor