• Firefox: The zero-days are numbered

    From LWN.net@86:200/23 to All on Wed Apr 22 06:40:09 2026
    This
    Firefox blog post reports that the Firefox˙150 release includes
    fixes for 271 vulnerabilities found by the Claude Mythos preview.

    Elite security researchers find bugs that fuzzers can't largely by
    reasoning through the source code. This is effective, but
    time-consuming and bottlenecked on scarce human
    expertise. Computers were completely incapable of doing this a few
    months ago, and now they excel at it. We have many years of
    experience picking apart the work of the world's best security
    researchers, and Mythos Preview is every bit as capable. So far
    we've found no category or complexity of vulnerability that humans
    can find that this model can't.

    This can feel terrifying in the immediate term, but it's ultimately
    great news for defenders. A gap between machine-discoverable and
    human-discoverable bugs favors the attacker, who can concentrate
    many months of costly human effort to find a single bug. Closing
    this gap erodes the attacker's long-term advantage by making all
    discoveries cheap.

    https://lwn.net/Articles/1068906/
    --- SBBSecho 3.37-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)