Firefox 150 shipped this week with 271 zero-day vulnerabilities patched, all surfaced by Anthropic's Claude Mythos Preview through the Project Glasswing collaboration. Firefox CTO Bobby Holley, interviewed about the release, called Mythos "every bit as capable as the world's best security researchers." That is a substantive escalation from Mozilla's March disclosure, when Claude Opus 4.6 found 112 bugs and 22 security CVEs (14 high-severity) that landed in Firefox 148.

The 271 versus 112 jump tracks the capability delta Anthropic published in its Mythos red-team report. On Firefox 147 JavaScript exploit development, Opus 4.6 produced 2 working exploits across several hundred attempts. Mythos produced 181 on the same task, roughly 90 times the success rate. In production terms, that is what more than doubled the zero-day discovery count at Mozilla's scale in a single model-generation step. All 271 vulnerabilities are patched in Firefox 150, which is why Mozilla can publish the number. Holley's framing emphasized that AI tools can now "cover the entire space of vulnerability-inducing errors" in ways that change what it means to ship hardened software.

Two things this firms up. First, the Anthropic capability numbers that Sam Altman called "fear-based marketing" earlier this week now have a direct production counterweight: an actual CTO at an actual shipping browser saying the actual model found 271 actual zero-days, all patched in the release that ships to hundreds of millions of users. The empirical test I flagged in the Altman piece has moved faster than twelve months. Second, the Mozilla-encourages-bulk-submission pattern from the earlier Opus 4.6 collaboration is clearly scaling up under Mythos-tier throughput. The workflow (model finds, humans verify, ship) held at 271.

If you maintain a browser-class or OS-class C/C++ codebase, the practical question from this release is not "could an AI find bugs in my code?" It is "do the defenders in my supply chain have Mythos-tier access, and if not, when will they?" Project Glasswing's forty partner organizations can now point at Firefox 150 as the concrete case study for what a vetted defender with preview access can accomplish. The asymmetry favors defenders with access, temporarily. If you are not on that list, the window for catching up runs on however long it takes for equivalent capabilities to reach the public tier of Anthropic or a Chinese open-weights lab. The 90x multiplier on exploit development is the number to assume, not hope against.