<p id="speakable-summary" class="wp-block-paragraph">In a recent security partnership with Mozilla, Anthropic found <a href="https://www.anthropic.com/news/mozilla-firefox-security" target="_blank" rel="noreferrer noopener nofollow">22 separate vulnerabilities</a> in Firefox — 14 of them classified as “high-severity.” Most of the bugs have been fixed in <a href="https://www.firefox.com/en-US/firefox/148.0/releasenotes/" target="_blank" rel="noreferrer noopener nofollow">Firefox 148</a> (the version released this February), although a few fixes will have to wait for the next release.</p>
<p class="wp-block-paragraph">Anthropic’s team used Claude Opus 4.6 over the span of two weeks, starting in the JavaScript engine and then expanding to other portions of the codebase. According to the post, the team focused on Firefox because “it’s both a complex codebase and one of the most well-tested and secure open-source projects in the world.”</p>
<p class="wp-block-paragraph">Notably, Claude Opus was much better at finding vulnerabilities than writing software to exploit them. The team ended up spending $4,000 in API credits trying to concoct proof-of-concept exploits, but only succeeded in two cases.</p>
<p class="wp-block-paragraph">Still, it’s a reminder of how powerful AI tools can be for open source projects — even if they bring <a href="https://techcrunch.com/2026/02/19/for-open-source-programs-ai-coding-tools-are-a-mixed-blessing/">a flood of bad merge requests</a> alongside the useful ones.</p>
© 2026 Winzheng.com 赢政天下 | 转载请注明来源并附原文链接