News · May 7, 2026 · 2 min read

Mozilla ships 423 Firefox bug fixes with Anthropic's Mythos AI tool

Firefox patched 13x more bugs in April using AI vulnerability detection, including sandbox exploits worth $20,000 bounties that humans rarely find.

By Agentic Daily · Verified Source: TechCrunch

Our Take

Mozilla's 13x jump in bug fixes shows AI security tools finally work, but human engineers still write every patch.

Why it matters

Security teams can now find high-value vulnerabilities at scale instead of drowning in false positives. The race is on before attackers get similar tools.

Do this week

Security teams: Evaluate agentic bug-finding tools this quarter before your threat model assumes attackers have them.

Firefox patched 423 bugs in April vs 31 last year

Mozilla shipped 423 bug fixes in April 2026 compared to 31 in April 2025, a 13x increase driven by Anthropic's Mythos model finding vulnerabilities human researchers missed (per Mozilla's Thursday blog post). The AI discovered bugs that had been dormant for over a decade, including sandbox vulnerabilities that Mozilla's bug bounty program pays up to $20,000 to find.

Mythos found more sandbox exploits than human researchers have ever reported to Mozilla, despite the maximum bounty on offer. To exploit Firefox's sandbox, the model first writes a patch that compromises one component, then uses that compromised code to attack the browser's most secure component. Distinguished engineer Brian Grinstead told TechCrunch the multi-step process requires both creativity and precision.

Mozilla published details on 12 specific vulnerabilities, ranging from unusual sandbox bugs to a 15-year-old HTML parsing error. The team credits agentic systems that can assess their own work and filter out false positives, solving the noise problem that plagued earlier AI security tools.

AI security tools crossed the quality threshold

The volume jump represents a category shift, from AI tools that flooded security teams with low-quality reports to systems that find bugs humans miss entirely. Mozilla researchers wrote that the models became significantly more capable, and that Mozilla's own techniques for using them improved dramatically, over just a few months.

Anthropic CEO Dario Amodei argued defenders gain the advantage because "there are only so many bugs to find." But Mozilla's Grinstead offered a more measured view: the tools help both attackers and defenders, though availability may slightly favor defense teams.

One month after the Mythos preview, most of the bugs it discovered likely remain unpatched across the wider software ecosystem. Anthropic follows responsible disclosure, but similar techniques are probably already in use by bad actors with less capable models.

Humans still write every security patch

Mozilla asks AI to generate patches for each bug, but the code can't be deployed directly and serves only as a template for human engineers. Every fix requires one engineer to write the patch and another to review it, according to Grinstead.

The finding-versus-fixing gap matters for security teams evaluating AI tools. While vulnerability detection now works at scale, the patching bottleneck remains human-limited. Teams should plan for increased bug volume without assuming proportional fixes from AI-generated patches.

Security leaders face a timing decision: adopt these tools now while maintaining human patch workflows, or wait for fixing capabilities to mature while attackers potentially gain similar detection power.
