Mozilla says 271 vulnerabilities found by Mythos and "almost no false positives"
4 hours ago
- #security
- #AI
- #Mozilla
- Mozilla CTO's claim that AI-assisted vulnerability detection will end zero-days and let defenders 'win decisively' was met with skepticism.
- Mozilla engineers used Anthropic Mythos AI model and a custom 'harness' to identify 271 Firefox security flaws over two months.
- The harness guides the AI by providing instructions, tools like file access and test evaluation, and runs it in a loop until completion.
- Unlike previous AI methods that produced many hallucinated bug reports, the new setup resulted in 'almost no false positives.'
- The harness integrates with Mozilla's existing developer tools and pipelines, including the Firefox build for testing.