Artificial intelligence is increasingly reshaping cybersecurity, with advanced models now capable of independently detecting critical vulnerabilities in complex software systems. In a recent collaboration with Mozilla, researchers demonstrated how AI can significantly accelerate the discovery of security flaws in widely used software.

According to researchers at Anthropic, their AI model Claude Opus 4.6 identified 22 previously unknown vulnerabilities in the Firefox browser within two weeks. Of these, Mozilla classified 14 as high-severity vulnerabilities, representing nearly one-fifth of all high-severity Firefox vulnerabilities fixed in 2025.

The findings highlight the growing potential of AI systems to support cybersecurity research by identifying flaws faster than traditional manual analysis.

The project initially began as a model evaluation exercise. Researchers used the AI system to analyse past vulnerabilities in Mozilla Firefox to determine whether the model could replicate known common vulnerabilities and exposures (CVEs). Encouraged by the results, the team then asked the model to search for new, previously unreported flaws in the latest Firefox codebase.

Within 20 minutes of analysis, the model identified a “use-after-free” memory vulnerability in Firefox’s JavaScript engine—an issue that can allow attackers to overwrite memory and potentially execute malicious code.

After validation by security researchers, the issue was submitted through Mozilla’s Bugzilla system. During the validation process, the AI model continued exploring the codebase and generated dozens of additional crashing test cases, prompting further investigation.

Over the course of the collaboration, researchers scanned nearly 6,000 C++ files and submitted 112 unique bug reports to Mozilla. Many of these vulnerabilities have since been addressed in Firefox version 148, with additional fixes expected in upcoming releases.

Mozilla worked closely with the researchers to review the reports and integrate fixes for users worldwide. The organisation has also begun experimenting internally with AI-assisted security research.

The collaboration illustrates how AI-enabled vulnerability discovery could transform the future of software security, helping researchers identify and fix critical flaws more quickly in complex digital systems used by hundreds of millions of people.