The process took only two weeks to find about a fifth of the total high-severity risks found in all of 2025 — providing a much faster way to scan for bugs.
— Opus 4.6 is currently far better at identifying and fixing vulnerabilities than at exploiting them. This gives defenders the advantage, Anthropic writes, but warns this might change.
Claude works on the full stack, from initial bug hunting to verification and then suggesting patches, offering much needed relief to overworked developers.
— We view this as clear evidence that large-scale, AI-assisted analysis is a powerful new addition in security engineers’ toolbox, Mozilla says in a blog post.
Read more: Anthropic’s workthrough, Mozilla’s blog. Writeups on TechCrunch and Axios.