Category Archives: Security

Mythos Mystery in Mozilla Numbers: How 22 Vulns Became 271 or Maybe 3 in April

Two documents landed on April 21, 2026 and I’ve been asked by many people to comment on them. One is Bobby Holley’s Mozilla blog post announcing that Firefox 150 ships fixes for 271 vulnerabilities identified by Claude Mythos Preview. The other is MFSA 2026-30, the canonical Firefox 150 security advisory. Mozilla published both on the same day.

The two documents describe the same release and yet, I’m here to tell you, they do not agree with each other.

Integrity, It’s the New Privacy

MFSA 2026-30 lists 41 CVE entries, three of which are the standard memory-safety roll-ups. Three individual CVEs carry the credit string “using Claude from Anthropic.” That’s it. That’s the entire Mythos Preview footprint that I have found in the Firefox 150 public record.

If that’s our entire public record of what Mythos Preview shipped in Firefox 150, then what? The blog’s claim of 271 for some reason exceeds the advisory’s ceiling by a factor of more than 90. I mean that’s a rather notable difference of 268.

It seems to me the prior round, which tells us what the unit of account used to be, matters now more than ever.

MFSA 2026-13 shipped the Firefox 148 advisory in February. Fifty-one CVEs listed. Twenty-two credited to Anthropic. Mozilla’s February blog post said 22. The advisory and the blog post agreed down to the CVE. One-to-one.

Anthropic’s own red team write-up on the Opus 4.6 round described submitting 112 bug reports to Firefox, every one confirmed a true positive. Those 112 submissions produced 22 shipped CVEs.

That gives us a funnel of roughly 5:1. Anthropic claimed zero false positives, so this is a dedup-and-triage funnel. Duplicates of known issues, defects fixed without a CVE, findings rolled into omnibus memory-safety entries. The public framing collapsed that detail silently and quoted only the downstream number for reasons I can’t explain.

Now use the same arithmetic on Firefox 150. If 271 is the submission count and the advisory shows 3 shipped CVEs, then we jump to 90:1.

Uhhh, tap, tap, is this thing working? How did we lose 5:1? Where did 1:1 go? Either Mythos Preview’s yield-to-shipped-CVE ratio degraded by a factor of eighteen against Opus 4.6, or the blog quietly changed what it counts between February and April without telling us.

When I read this new April 21 post I am being asked to compare 271 to 22 as if they measure the same thing.

But … deep voice of dramatic warning … these cannot measure the same thing.

I Love a Good Mystery

I think it’s safe to start from the assumption that memory-safety roll-up CVEs are the standard vehicle for batching fuzzer-class output at Mozilla. If Mythos findings had been absorbed into roll-ups the way fuzzing output normally has been, then roll-up bylines would show it. And let’s be honest, roll-ups are a derivative of operator fatigue with bug reporting automation. Another day, another thousand bug reports. Now look at CVE-2026-6784, 6785, and 6786 as credit to the Mozilla engineers and the Mozilla Fuzzing Team, with Anthropic on none of them. That closes our roll-up hypothesis.

Cross-release spillover doesn’t rescue the number either. Same-day companion advisories MFSA 2026-31 through 2026-34 carry 1, 2, 3, and 2 Claude credits respectively. Adding those to the three in MFSA 2026-30 gives a ceiling of 11 for the entire April 21 disclosure batch. That’s over 20x short of 271.

And that 11 is the optimistic ceiling, assuming zero overlap between the Firefox, Firefox ESR, and Thunderbird entries. Since all three products share Gecko, the realistic overlap is most of it, and the true non-duplicate count is closer to the FF150 three.

Credit as Clue

It gets interesting because Bobby Holley’s post muddies the case:

Elite security researchers find bugs that fuzzers can’t largely by reasoning through the source code. This is effective, but time-consuming and bottlenecked on scarce human expertise. Computers were completely incapable of doing this a few months ago, and now they excel at it. So far we’ve found no category or complexity of vulnerability that humans can find that this model can’t.

The credits do not support this framing.

Twenty-three of the twenty-five Anthropic-credited CVEs across MFSA 2026-13 and MFSA 2026-30 sit in memory-safety code: use-after-free, invalid pointer, bounds, integer overflow, JIT miscompilation, undefined behavior. The remaining two are mitigation bypasses in the HTML parser and the networking cache, which still sit comfortably inside the attack surface of existing fuzzers. The components are JavaScript engine, WebAssembly, DOM object graph, A/V pipeline, IndexedDB, ImageLib, HTML parser, network cache. I don’t know about you, but I’m looking at the canonical fuzzing target zone. jsfunfuzz, Grizzly, domino, and Mozilla’s own fuzzing team have worked the exact same surface for a decade.

Zero Anthropic credits appeared on the bugs the blog’s framing implicitly promised: sandbox escapes, same-origin violations, privilege escalation in the debugger or the messaging system, cookie-path mitigations, WebAuthn spoofing. Those all went to human reporters on both releases, with names attached.

Look, I’m not saying a chainsaw isn’t a danger to someone who unleashes it randomly. I’m saying in this case, the shape of the evidence says Claude is a productive additional memory-safety finder against C++. It can saw fast, it can cut, like saws are supposed to do when you put them against wood. Granted. But I’m struggling to jump from that to finding a class of bug that existing tools cannot reach. “This chainsaw finds trees humans can’t see” just doesn’t cut it for me without any proof of such a claim, pun not intended.

Open to Debate

We still have work to do, following this transparency game of vulnerability disclosure. It makes me want to take the boardgame Clue and update it for the Mozilla-era kids to play. It was Colonel Mythos with the fuzzer in the memory stack.

Maybe the 271 was a pre-triage submission count. If so, Anthropic owes the same funnel disclosure the Opus 4.6 write-up provided: submissions, duplicates, true positives, shipped CVEs. Without it, the comparison to 22 is not a comparison.

Maybe the 271 includes fixes Mozilla deemed non-exploitable and closed without CVEs. If so, the claim is 271 code defects with security potential, not 271 vulnerabilities. The word choice matters.

Maybe the 271 is an instance-count where one bug pattern recurs across multiple files. Static analysis tools count the same way and report similar figures. That sounds reasonable. It also reduces to the capability profile of existing static analysis, which brings us back to the problem of accuracy in the blog post.

Each of the three helps clarify. None of them matches the plain reading of the blog.

The announcement says Firefox 150 ships fixes for 271 vulnerabilities identified by Mythos Preview. The advisory says 3.

Looking Back on My April 13 Post

Right away I flagged an odd absence of partner-specific findings. My patience held for eight days. On the ninth day Mozilla published meat for me to dig into and… unfortunately their specific number does not survive a lookup against the advisory that Mozilla published at the same time.

It’s better than silence, of course, because now we have a concrete claim that collapses. They control the reporting, they control these numbers. This is now a worse outcome for the verification posture. It’s a cleaner outcome for the diagnosis, not that I wanted it this way. In proper security discipline we walk around saying “I know I’m wrong, I hope I’m wrong, prove me wrong, I must be wrong” constantly. And then we’re right? Unfortunate.

Keep Your Eyes Peeled

Am I on the edge of my seat? Not really. There are now three Anthropic-credited FF150 bugs behind Bugzilla embargoes that will lift over the next 6 to 12 months. Then the per-bug reporter fields will confirm additional Claude credit folded into currently-restricted entries, or they will not. In either case the 268 gap isn’t closed.

MFSA 2026-35 ships with Firefox 151 in mid-May, on Mozilla’s standard four-week cadence. If the missing 268 are deferred findings still working through triage, then we will see a climb in the credit count. If the May advisory shows another three-credit drip, the 271 figure is going to need another round of scrutiny.

Anthropic’s 90-day Glasswing report should be here in July. That is when the 271 hopefully is made transparent. After that, this headline-making splash number can’t hide anymore.

Tesla is Pouring Cancer Into Texas

Hexavalent chromium.

Arsenic.

Where? Tesla’s lithium refinery wastewater near Corpus Christi. In a ditch.

Both are IARC Group 1 carcinogens.

Both are absent from Tesla’s state wastewater permit. Why can Group 1 carcinogens be dumped by Tesla on Texas without a permit? Texas Commission on Environmental Quality (TCEQ) tested the discharge in February and certified compliance. They tested for dissolved solids, oil and grease, chlorides, sulfates, temperature, oxygen.

The regulator skipped heavy metals. The permit omits them. The permit also omits lithium, the substance the facility exists to produce.

Lithium.

Think about it. The regulator testing the Lithium plant didn’t test for… lithium.

Before issuance, TCEQ executive director Kelly Keel told the public the wastewater would be free of residual lithium, chemical runoff, or other harmful pollutants. He sounds a bit overconfident. That’s like a CISO telling you the code will be bug free. Yeah, your job is to admit that code is NEVER bug free. You’ve already failed.

Well, guess what? Eurofins found all three.

Eurofins Environment Testing, an accredited lab with locations across the globe, reported traces of hexavalent chromium, a well-known carcinogen, and arsenic, an environmental poison. Nueces County Drainage District No. 2, which manages the ditch, commissioned the test.

Neither hexavalent chromium nor arsenic is included as an allowable discharge pollutant in Tesla’s wastewater permit.

Frank Lazarte, attorney for Nueces County Drainage District No. 2, identified lithium, strontium, and vanadium as a chemical signature pointing back to the battery processing facility. Volunteer engineer Aref Mazloum called the lithium trace a fingerprint at a crime scene.

The district sent Tesla a cease and desist last week.

Good luck with that. Might as well ask Tesla to make door handles work in a crash so survivors aren’t burned to death.

Tesla discharges 231,000 gallons of refinery wastewater into the ditch every day. The water flows to Petronila Creek, then to Baffin Bay. People eat fish caught there. The sampled water measured ten to twenty times saltier than normal surface water. The ditch walls are losing their vegetation, which raises flood risk for the homes the drainage district exists to protect.

Robstown sits sixteen miles west of Corpus Christi, a city preparing to impose emergency water restrictions in September if the reservoirs keep dropping.

The refinery cost nearly a billion dollars to build. And yet the drainage district only learned after the fact that it was receiving the discharge, when workers found an unfamiliar pipe stretched across the easement.

For some reason, maybe a corrupt one, the TCEQ excludes local drainage districts from the permitting process that results in Group 1 carcinogens being poured out.

The big hat regulator says they perform accountability. We see no cattle, however, because the permit structurally prevents it.

Cash is Back, Baby!

Australians are using more cash, because cash is cool. Cash is availability. Cash is privacy.

The Reserve Bank of Australia survey shows the share rising for regular purchases after two decades of displacement by payment card brand pressure.

Two-thirds of the population values cash highly. Three-quarters carry banknotes, median $65 in the wallet. The 2026 laws mandated acceptance at groceries and petrol stations, and banned surcharges on cards and digital. Policy followed a strong and growing cash preference.

Germany Kept the Flame Alive

Even to this day 53% of German transactions are in cash, slightly above the eurozone average. Germans carry €103 in the wallet, the highest in Europe. Two-thirds want cash preserved, as in the Australian study. More than 70% want current or expanded use. The Bundesbank treats cash access as critical infrastructure and tracks ATM reach and merchant acceptance accordingly.

Australia is cash. The public said keep it that way. Parliament wrote it down. Berlin said welcome to the future.

DoJ Protects KKK by Indicting America’s Leading Anti-Hate Group

Montgomery, Alabama. April 21, 2026. The district where Klansmen firebombed the SPLC office in 1983.

They’re back to attack the SPLC again.

The district where United Klans of America operated until SPLC civil litigation bankrupted it in 1987 after UKA Klansmen lynched Michael Donald. The district where federal prosecutors looked away from the Montgomery bus boycott, the Freedom Rides, the Selma march, and the murders that accompanied all three. The Justice Department has chosen the geography of historical failure to prosecute the organization that forced civil accountability where criminal prosecution refused to operate.

The 1981 lynching, two years before the Klansmen firebombed the SPLC office in 1983

A federal grand jury in the Middle District of Alabama returned a heavily flawed eleven-count indictment against the Southern Poverty Law Center (SPLC). This post is about Trump doing what everyone has long said Trump does for the KKK.

The Economist/The New Yorker weren’t wrong

Acting Attorney Kevin P. Davidson

There’s a lot of acting going on in Alabama. The charging instrument is signed by Acting United States Attorney Kevin P. Davidson and his Assistant United States Attorney Russell T. Duraski. The press conference was staged by Acting Attorney General Todd Blanche and FBI Director Kash Patel. Notably Patel announced last year he was campaigning to sever all FBI ties with the SPLC because it had been mapping hate related to domestic terrorism.

Patel said on Friday that the FBI would sever its relationship with the SPLC, asserting that the organization had been turned into a “partisan smear machine” and criticizing it for its use of a “hate map” that documents alleged anti-government and hate groups inside the United States. […] The FBI also cut ties with the Anti-Defamation League, a prominent Jewish advocacy organization that fights antisemitism. It faced criticism on the right for maintaining a “Glossary of Extremism.”

No map, no glossary, allowed anymore by the Trump FBI if it points at America First.

Tracking America First campaigns (Mapping the Klan) is based on a variety of sources, mostly newspapers sponsored by or sympathetic to the Ku Klux Klan. These publications reported on the activities of local units, known officially as Klaverns. Source: Virginia Commonwealth University

False DoJ Statements

The charge of wire fraud requires a materially false statement. Read the indictment for the false statement and there is none. It does not exist.

The government quotes SPLC donor-facing language at length: dismantle white supremacy, expose hate and injustice, confront hate, stand up to injustice.

Every quoted phrase is true.

Running paid sources inside the Ku Klux Klan is how you dismantle, expose, and confront the Ku Klux Klan. That is the operative definition of those verbs. Those words are true in the context of organized racist violence. The indictment charges the sentences on one page and admits on the next page that SPLC penetrated National Alliance leadership, United Klans of America leadership, and the online planning chat for Unite the Right.

These facts are facts. The government points at no lie. None.

Instead it offers a theological argument: that the word dismantle should mean, to donors, something other than what this organization has very publicly been doing since 1971.

Morris Dees described the method in his books. Federal courts that tried the Donald, Person, and Macedonia Baptist civil cases knew where the evidence came from. Journalists reported on the Intelligence Project for decades. The method that the indictment falsely labels a secret is the method the organization is most famous for doing in the public eye.

The DoJ is the one on record making false statements.

Paragraph 11: Defense Opening Statement

Read paragraph 11(a) and the whole indictment crashes. F-37 was a member of the online leadership chat that planned Unite the Right. Attended Charlottesville under SPLC direction. Coordinated transportation for several attendees. The Justice Department has just placed in a grand jury indictment the fact that SPLC ran a source inside the planning apparatus of the rally that produced James Fields driving a car into Heather Heyer.

Any competent defense lawyer will read that paragraph to a jury and ask which part SPLC donors should regret.

Paragraph 11(b) is even worse for the government. F-9 was a twenty-year National Alliance fundraiser. In 2014, F-9 delivered twenty-five boxes of internal National Alliance materials to an SPLC employee for copying. Twenty-five boxes. The largest documented counterintelligence haul against American neo-Nazism in a generation. The prosecution placed this sentence in the indictment as evidence of fraud against donors.

It is evidence of donors receiving what they wanted and far more than they paid for.

On the Document Theft

The government narrates F-9 entering National Alliance headquarters, removing materials, and the SPLC paying F-39 approximately $6,000 to falsely take responsibility. If the government had evidence of a chargeable theft conspiracy or obstruction of justice against SPLC employees, federal prosecutors had twelve years to bring it.

Twelve years.

They brought wire fraud over ACH batches instead. Either the underlying evidence fails to support the theft narrative the indictment insinuates, or the prosecutors prefer to make a rhetorical charge over a tiny one. Either reading erases any credibility of the filing. A prosecutor with a real burglary case charges the burglary. A political assignment apparently charges what the Trump assignment requires.

Indict the FBI

Gary Thomas Rowe was a paid FBI informant inside United Klans of America. He was in the car during the 1965 murder of Viola Liuzzo. The Bureau paid him with officially appropriated funds from Congress on representations about combating domestic terrorism. Under the legal theory Davidson and Duraski signed their names to, every FBI handler who ran a Klan source committed wire fraud against the American taxpayer. That’s batshit, Robin. Every DEA cartel penetration, every ATF firearms trafficking case, every federal organized crime prosecution built on informant testimony? GTFO. This DoJ theory cannot survive its own generalization that says domestic terrorism cannot be legally investigated.

No federal court will adopt a rule of law that retroactively criminalizes seventy years of federal counterintelligence practice. The indictment language is a KKK get out of jail free card.

Dates as Confessional

The §1014 bank false statement counts are dated December 20, 2016. Indicted on April 21, 2026. That’s nine years and four months into the ten-year window available under FIRREA. You can see the problem.

A prosecutor with fresh evidence files promptly. A prosecutor handed a political assignment files at the statutory edge because nothing new has emerged and the clock is running out. The wire fraud counts are dated April 25, 2023, within the extended ten-year window that applies when wire fraud affects a financial institution. The government will argue that extension to keep its charges alive. The filing dates, read together, describe an office reaching for every inch available to spin up a non-case the career prosecutors correctly ignored without action for most of a decade.

Forfeiture as Captured State Weapon

Forfeiture Allegation-2 invokes Title 18 §982(a)(1). This is the statute that allows pre-trial asset seizure on money laundering charges. Count Eleven exists to anchor the forfeiture.

The captured Justice Department is moving to seize the SPLC endowment, the archives, the operating capital, the real property traceable to donor funds.

Notably, the real property includes the Civil Rights Memorial Center on Washington Avenue and, across the street, Maya Lin’s Civil Rights Memorial: a black granite table inscribed with the names of forty people murdered during the civil rights movement between 1954 and 1968.

Trump wants history erased.

Woodrow Wilson adopted the 1850s nativist (racist hate) slogan “America First” in 1915 and soon after the infamous white robe costumes appeared, based on the film “Birth of a Nation” that he heavily promoted to white-first audiences.

The Department of Justice, in 2026, has filed a forfeiture action that places Maya Lin’s memorial to civil rights martyrs within the universe of property the government is moving to seize from the civil rights organization that built it.

Say the sentence out loud. Read it twice. That is the actual basis of this entire charging instrument. Censorship.

Win or lose at trial is secondary to the outcome the filing produces. The substantive case will grind through motions and appeals for years. The asset seizure is meant to bomb America on day one. Strip operational capital and the organization ceases to function while the litigation is pending. That mechanism is the fire, ready, aim of Trump punishment.

The Charged Amount is Peanuts

The wire fraud counts? Just $13,905 in ACH transfers on a single day. Thirteen thousand nine hundred and five dollars. A prosecutor with proportionate judgment does not indict a civil rights organization over thirteen thousand dollars in batched bank transactions. The $3 million aggregate figure the press conference repeated is shameless DoJ exaggeration. It is politically generated hot rhetoric surrounding charges that do not contain it.

Read the counts.

The Indictment Exposes Sources

Remember all the ink spilled on the Trump-Epstein Files?

Every F in the document is identified by group affiliation, payment range, and date window. National Alliance. Aryan Nations. Sadistic Souls Motorcycle Club. American Front. Imperial Wizard of United Klans of America. National Socialist Party of America.

The indictment redacts the names while publishing a reverse-lookup manual.

The violent racist networks SPLC penetrated now have a federal roadmap for identifying their informants. The Justice Department, under grand jury seal, has just handed the National Alliance, the Aryan Nations, and the Unite the Right planning network the intelligence they have been trying to assemble for decades.

This service to the beneficiary class of domestic terrorists is difficult to describe as incidental to the DoJ intentions.

Wrong Side of History

Todd Blanche ran Donald Trump’s criminal defense before his appointment as Acting Attorney General.

Kash Patel published a list of sixty names titled Members of the Executive Branch Deep State in Appendix B of his 2023 book Government Gangsters before his appointment as FBI Director, and pledged on the Bannon podcast to go out and find the conspirators.

Kevin Davidson is a career prosecutor who signed a charging instrument whose legal theory would indict his own agency’s seventy-year history of domestic intelligence practice.

Russell Duraski is the line AUSA.

Judge Emily Marks sits as a 2018 Trump appointee.

The grand jury returned the bill that prosecutors asked it to return, as grand juries do. These names belong in the record of what this indictment is, for history to always reflect on them. The names remain attached to the filing.

American Lessons

The Alabama legal apparatus prosecuted Freedom Riders while protecting the men who beat them.

Federal tax investigations targeted the Southern Christian Leadership Conference.

Bar complaints targeted NAACP lawyers.

The machinery that protected the Klan in the 1950s and 1960s is operating again in 2026, from the same offices, using updated statutes. The method, vocabulary and function are nearly identical. Wire fraud and bank fraud and money laundering are the current language for what sedition, tax evasion, and criminal syndicalism were used for in the civil rights era.

The work the indictment charges is the work that broke United Klans of America in Beulah Mae Donald v. United Klans of America, 1987. The district where the indictment was filed is the district where Klansmen firebombed the SPLC office in 1983 in retaliation for that work.

The Justice Department has now formally sided, through the charging instrument, with the white sheets faction that lit the match and now carries the torches.

What the Record Requires

I’m no lawyer but I spend enough time around them that I expect the indictment will face motions to dismiss, motions to suppress the forfeiture, and constitutional challenges under the First Amendment and the Fifth Amendment selective prosecution doctrine.

The legal process will document, in a public record, the filing is to embolden white supremacist domestic terrorism. Every pleading creates an exhibit for what should follow: professional responsibility referrals against the signing prosecutors, Senate oversight inquiry into the leadership officials who staged the press conference, and the slow accumulation of judicial findings on a charging instrument whose legal theory is an embarrassment to federal precedent on informant operations.

The civil rights bar, the former United States Attorneys association, and every federal prosecutor who has ever signed a 302 on a paid Klan source are now on notice. The theory advanced in Montgomery on April 21, 2026 is the theory that would retroactively criminalize any career that fights AGAINST the KKK. Silence in the face of this filing is consent to the KKK violence that it endorses.

The SPLC forced civil accountability onto the United Klans of America. Now the SPLC will force it onto the current Justice Department, which is trying to restart the Klan’s 1983 firebombing by other means.