惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Hacker News
The Hacker News
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Privacy & Cybersecurity Law Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Simon Willison's Weblog
Simon Willison's Weblog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
TaoSecurity Blog
TaoSecurity Blog
C
CERT Recently Published Vulnerability Notes
S
Security @ Cisco Blogs
Google DeepMind News
Google DeepMind News
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Tenable Blog
O
OpenAI News
NISL@THU
NISL@THU
AI
AI
T
Threat Research - Cisco Blogs
Know Your Adversary
Know Your Adversary
V
Vulnerabilities – Threatpost
Schneier on Security
Schneier on Security
W
WeLiveSecurity
P
Privacy International News Feed
Cisco Talos Blog
Cisco Talos Blog
S
Secure Thoughts
D
Docker
博客园 - 三生石上(FineUI控件)
T
Troy Hunt's Blog
T
Threatpost
C
Cyber Attacks, Cyber Crime and Cyber Security
Vercel News
Vercel News
H
Hacker News: Front Page
B
Blog
S
SegmentFault 最新的问题
H
Heimdal Security Blog
T
The Blog of Author Tim Ferriss
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
G
GRAHAM CLULEY
AWS News Blog
AWS News Blog
N
News and Events Feed by Topic
L
LINUX DO - 热门话题
小众软件
小众软件
爱范儿
爱范儿
T
The Exploit Database - CXSecurity.com
Hacker News: Ask HN
Hacker News: Ask HN
Recent Announcements
Recent Announcements
Recent Commits to openclaw:main
Recent Commits to openclaw:main
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
PCI Perspectives
PCI Perspectives
I
Intezer
云风的 BLOG
云风的 BLOG
P
Proofpoint News Feed

TechCrunch

Robots beat human records at Beijing half-marathon Palantir posts mini-manifesto denouncing inclusivity and ‘regressive’ cultures TechCrunch Mobility: Uber enters its assetmaxxing era Cracks are starting to form on fusion energy’s funding boom Blue Origin successfully re-uses a New Glenn rocket for the first time ever Tesla brings its robotaxi service to Dallas and Houston VC Ron Conway says he has a ‘rare form of cancer’ AI chip startup Cerebras files for IPO Anthropic’s relationship with the Trump administration seems to be thawing The App Store is booming again, and AI may be why “Tokenmaxxing” is making developers less productive than they think Hackers are abusing unpatched Windows security flaws to hack into organizations Zoom teams up with World to verify humans in meetings Gigs turns your concert history into a personal live music archive Chef Robotics escaped the robot cooking graveyard and says it’s thriving — here’s why Uber will now pick up your returns from your doorstep Anthropic launches Claude Design, a new product for creating quick visuals Google’s AI Mode can now help you find products in stock nearby Bluesky confirms DDoS attack is cause of continued app outages Bluesky confirms DDoS attack is cause of continued app outages Netflix plans to add a vertical video feed, use AI for recommendations SaySo is a new short-form video app that aims to restore users’ trust in news Loop raises $95M to build supply chain AI that predicts disruptions Are we tokenmaxxing our way to nowhere? New leaders, new fund: Sequoia has raised $7B to expand its AI bets Netflix co-founder and chair Reed Hastings to leave board Upscale AI in talks to raise at $2B valuation, says report Physical Intelligence, a hot robotics startup, says its new robot brain can figure out tasks it was never taught From the Startup Battlefield stage to the International Space Station: geCKo Materials built a sticky product Slash, a Ramp competitor founded by teenagers, raises $100M at $1.4B valuation OpenAI takes aim at Anthropic with beefed-up Codex that gives it more power over your desktop European police email 75,000 people asking them to stop DDoS attacks Anthropic CPO leaves Figma’s board after reports he will offer a competing product Google now lets you explore the web side-by-side with AI Mode Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme InsightFinder raises $15M to help companies figure out where AI agents go wrong AI traffic to US retailers rose 393% in Q1, and it’s boosting their revenue too Roblox’s AI assistant gets new agentic tools to plan, build, and test games Google adds Nano Banana-powered image generation to Gemini’s Personal Intelligence Google is now targeting bad ads over bad actors You’ve heard of hybrid cars. Now meet a hybrid cement plant. Runway CEO says AI could help Hollywood make 50 films instead of one $100M blockbuster Meta raises Quest 3 and Quest 3S prices due to RAM shortage Canva’s AI assistant can now call various tools to make designs for you Fashion retailer Express left customers’ personal data and order details exposed to the internet This simulation startup wants to be the Cursor for physical AI DeepL, known for text translation, now wants to translate your voice Amazon-backed X-energy files to raise up to $800M in IPO Ford EV and tech chief leaving automaker Wait, could they still actually break up Live Nation? Monarch Tractor’s collapse ends with an acquisition by Caterpillar OpenAI updates its Agents SDK to help enterprises build safer, more capable agents Hightouch reaches $100M ARR fueled by marketing tools powered by AI LinkedIn data shows AI isn’t to blame for hiring decline… yet Feds will require data centers to show their power bills AI learning app Gizmo levels up with 13M users and a $22M investment Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Google rolls out a native Gemini app for Mac This Khosla-backed autonomous pod startup just raised $170M — now it’s aiming for more Accel raises $5B to back late-stage bets India’s vibe-coding startup Emergent enters OpenClaw-like AI agent space Anthropic shrugs off VC funding offers valuing it at $800B+, for now Motorola sues social platforms and creators over posts, raising speech concerns in India Airwallex is about to take on Stripe and the rest of the payments industry — in the physical world After sale of its shoe business, Allbirds pivots to AI Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant Vercel CEO Guillermo Rauch signals IPO readiness as AI agents fuel revenue surge Hack at Anodot leaves over a dozen breached companies facing extortion The largest orbital compute cluster is open for business Trump officials may be encouraging banks to test Anthropic’s Mythos model Apple reportedly testing four designs for upcoming smart glasses X says it’s reducing payments to clickbait accounts TechCrunch Mobility: Who is poaching all the self-driving vehicle talent? From LLMs to hallucinations, here’s a simple guide to common AI terms At the HumanX conference, everyone was talking about Claude Slate Auto: Everything you need to know about the Bezos-backed EV startup Walmart-owned Flipkart, Amazon are squeezing India’s quick-commerce startups Kalshi wins temporary pause in Arizona criminal case AMC will stream ‘The Audacity’ premiere in 21 parts on TikTok Sam Altman responds to ‘incendiary’ New Yorker article after attack on his home Nvidia-backed SiFive hits $3.65B valuation for open AI chips NASA Artemis II splashes down in Pacific Ocean in ‘perfect’ landing for moon mission How to watch NASA’s Artemis II splash back down to Earth TechCrunch is heading to Tokyo — and bringing the Startup Battlefield with it France to ditch Windows for Linux to reduce reliance on US tech YouTube Premium and YouTube Music are getting more expensive Every fusion startup that has raised over $100M Last 24 hours: Save up to $500 on your TechCrunch Disrupt 2026 pass PSA: If you use the Meta AI app, your friends will find out and it will be embarrassing Anthropic temporarily banned OpenClaw’s creator from accessing Claude Snap gets closer to releasing new AI glasses after years-long hiatus Stalking victim sues OpenAI, claims ChatGPT fueled her abuser’s delusions and ignored her warnings Florida AG to probe OpenAI, alleging possible connection to FSU shooting ChatGPT finally offers $100/month Pro plan EFF is the latest organization to leave X What founders can learn from Anjuna’s layoffs and recovery Volkswagen drops all-electric ID.4 in the US in pivot back to gas SUVs Florida AG announces investigation into OpenAI over shooting that allegedly involved ChatGPT StubHub to pay $10M to settle FTC allegations over ‘deceptive’ ticket pricing After data breach, $10B-valued startup Mercor is having a month
How Anthropic’s Mythos has rewritten Firefox’s approach to cybersecurity
Russell Bran · 2026-05-08 · via TechCrunch

When Anthropic unveiled its new Mythos model in April, it also delivered a stern warning to anyone developing software. The model was so powerful at sniffing out software vulnerabilities, the lab claimed, that it had discovered thousands of high-severity bugs that would need to be fixed before it could be made public.

Now, security researchers for Mozilla’s Firefox browser are providing a closer look at what that process has looked like in practice, and what Mythos’ powers mean for software security at large.

In a post published on Thursday, Mozilla said Mythos has unearthed a wealth of high-severity bugs, including some that had lain dormant in the code for more than a decade.

That’s a significant improvement from what AI security tools were capable of even six months ago. Until now, AI bug-finding tools have come with severe drawbacks, often inundating security teams with low quality reports and false positives. But Mozilla’s researchers say the latest generation of tools have turned a corner, particularly now that agentic systems can assess their own work and filter out bad results.

“It is difficult to overstate how much this dynamic changed for us over a few short months,” the researchers wrote. “First, the models got a lot more capable. Second, we dramatically improved our techniques for harnessing these models.”

Image Credits:Firefox

The results are striking: In April 2026, Firefox shipped 423 bug fixes, compared to just 31 exactly a year earlier. The researchers have also published details on 12 of the bugs, which range from a pair of unusual sandbox vulnerabilities, to a 15-year-old error in how the browser parses an HTML element.

“These things are actually just suddenly very good,” Brian Grinstead, a distinguished engineer at Mozilla, told TechCrunch. “We see that on our own internal scanning, we see that on external bug reports, and we see that in all sorts of signals across the industry.”

Techcrunch event

San Francisco, CA | October 13-15, 2026

The fact that the system helped reveal vulnerabilities in Firefox’s “sandbox” system is particularly impressive, given how intricate an attack that exploits it needs to be. To find sandbox vulnerabilities, the model must write a compromised patch for the browser, then attack the most secure part of the software with the new code implemented. Finding and demonstrating the bug is a delicate, multi-step process, requiring both creativity and close attention. 

To put this into context, Mozilla’s bug bounty program pays researchers who can find a bug in Firefox’s sandbox up to $20,000 — the highest reward available. Despite the top-dollar bounty, however, Grinstead says Mythos is finding more sandbox issues than human researchers ever did. “We do get them,” he told TechCrunch, “but not at the volume that we are able to find with this technique.”

Notably, the Firefox team still isn’t using AI to fix the bugs, despite well-documented progress in AI coding tools. The team does ask AI to code up patches for each bug, but the resulting code usually can’t be deployed directly, and instead serves as a model for a human engineer.

“For the bugs we’re talking about in this post, every single one is one engineer writing a patch and one engineer reviewing it,” Grinstead says. “We have not found it to be automatable.”

It’s still not clear how AI’s emerging capabilities will change the broader balance of power in cybersecurity. One month since Mythos was previewed, most of the bugs discovered likely haven’t been patched, which makes it hard to capture the full scope of their impact. Anthropic has been scrupulous about following responsible disclosure norms, but it’s likely bad actors are using similar techniques behind the scenes, even if the models they’re using aren’t quite as good.

Speaking at a recent event, Anthropic CEO Dario Amodei was optimistic that the new tools would ultimately favor defenders. “If we handle this right, we could be in a better position than we started, because we fixed all these bugs. There are only so many bugs to find,” Amodei said. “So I think there’s a better world on the other side of this.”

Having dealt with the gritty details, Grinstead has a more measured view: “It’s useful for both attackers and defenders, but having the tool available shifts the advantage a little bit to defense. Realistically, nobody knows the answer to this yet.”

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Russell Brandom has been covering the tech industry since 2012, with a focus on platform policy and emerging technologies. He previously worked at The Verge and Rest of World, and has written for Wired, The Awl and MIT’s Technology Review. He can be reached at russell.brandom@techcrunch.com or on Signal at 412-401-5489.

View Bio