🚨 BREAKING: Anthropic just used Claude to find 22 security holes in Firefox. Not theory. Not a demo. Real vulnerabilities. 14 of them classified as high-severity. That’s almost a fifth of all high-severity Firefox bugs fixed in all of 2025. In two weeks. Here’s where it gets wild. The first bug took Claude 20 minutes to find. A Use After Free vulnerability in Firefox’s JavaScript engine the kind that lets attackers overwrite memory with malicious code. While the researchers were still validating that first bug, Claude had already found 50 more. By the end, it had scanned nearly 6,000 C++ files and filed 112 reports. Mozilla shipped the fixes to hundreds of millions of Firefox users. Then they tested something scarier. Could Claude actually exploit the bugs it found? Not just find the crack in the wall but kick the door down? They ran the test hundreds of times. Spent $4,000 in API credits. Claude succeeded in two cases. Built a working browser exploit from scratch. The gap between “finds bugs” and “weaponizes them” still exists. For now. Here’s the line from the paper that should keep every security engineer up at night: “It is unlikely that the gap between frontier models’ vulnerability discovery and exploitation abilities will last very long.” ...