AI 精选动态
智能评分 60
Mozilla 用 Claude Mythos 发现 400+ 安全漏洞
AI 推荐理由
值得观看视频了解代理漏洞发现框架的具体实现方法,可快速复现类似工具。核心解读
Mozilla 使用 Claude Mythos 模型对 Firefox 的 1000 万行代码进行测试,发现并修复了 400 多个安全漏洞,包括隐藏十多年的漏洞。工程师 Brian Grins 分享了代理漏洞发现框架的设计经验,强调框架设置与模型同等重要,并可在半天内复现。
全文
How to fix all the bugs.
> **引用原帖 claire vo 🖤 (@clairevo):**
> Before Fable got released (and pulled) @mozilla was quietly testing Claude Mythos against Firefox's 10M line codebase.
> The result? Over 400 security bugs fixes, including ones that had been hiding in the codebase for over a decade.
> @bgrins, distinguished engineer at Mozilla, walked me through the agentic bug-finding harness behind the model. His take? It was 50% mythos / 50% setup.
> In this ep, Brian walks through:
> - why you can't just point a model at 10M lines of code
> - how to write a good goal/loop pattern
> - killing false positives with a verifier
> - why it's good to "lie to the agent"
> And guess what? This isn't magic - you can write your own similar harness in less than an afternoon.
> Watch now on YT: https://t.co/pBQJZHIM6D
> https://x.com/clairevo/status/2069129613427831169