Anthropic's Mythos AI Uncovers 20-Year-Old Flaws in macOS and Firefox

Anthropic has just demonstrated why its new AI, codenamed Mythos, is considered one of the most powerful (and potentially dangerous) tools ever created for cybersecurity. According to recent reports from the Wall Street Journal and official data from Mozilla, Mythos helped identify critical vulnerabilities in Apple's macOS and performed an unprecedented cleanup in the Firefox browser.

The "Massacre" of Bugs in Firefox

In April 2026, Mozilla reported an impressive surge in its security pipeline. Utilizing direct integration with the Claude Mythos Preview, the company fixed 423 vulnerabilities in a single month. To put this into perspective, this volume exceeds everything Mozilla had fixed in the previous 14 months combined.

What impressed engineers the most was the AI's ability to find "dormant" flaws. Among the identified bugs was a 20-year-old XSLT reentry vulnerability and a flaw in the HTML legend element that had persisted for 15 years. Mythos proved capable of understanding legacy code contexts that human auditors had overlooked for decades.

Apple and the Privilege Escalation Exploit

Meanwhile, in Palo Alto, researchers from the security firm Calif used techniques derived from Mythos to expose a new exploit in macOS. The attack, detailed in a 55-page report sent to Apple, chains two bugs to corrupt system memory and gain unauthorized access to restricted parts of the kernel. Apple confirmed it is reviewing the findings, which could result in an emergency patch in the coming days.

Despite the defensive success, the case also raises alarms. Anthropic is investigating a possible access leak to the model via third-party vendors (Mercor), underscoring the debate on the "dual-use" nature of AI: the same technology that fortifies Mozilla's software could, in the wrong hands, be used to create undetectable digital weapons.

You can follow the complete security bulletins on the Mozilla Developer Portal and updates from Apple Security.