
Trump Oil Disaster Has the World Going Oil Free

Presumably Trump thought, like some 1950s McCarthy buffoonish cartoon character, that he was going to violently corner oil, by deploying the U.S. military to take it all over like a gangster.

Predictably, that hasn’t worked. The stability of oil is gone forever. The chaos of Trump has become permanently attached to any concept of “centralized” fuel distribution like oil, because he is such an archetypical villain of centralization. Decentralized, sovereign energy is on the table like it’s the 1900s again.

At COP30 in 2025, co-sponsors Colombia and the Netherlands announced the First International Conference on the Just Transition Away from Fossil Fuels. It will be held in Santa Marta in Colombia from 24-29 April.

“There is a clear momentum to phase out fossil fuels, and now is the time to capitalise on it,” said the Netherlands’ Deputy Prime Minister and Minister for Climate Policy and Green Growth, Sophie Hermans.

Mythos Mystery in Mozilla Numbers: How 22 Vulns Became 271 or Maybe 3 in April

Two documents landed on April 21, 2026 and I’ve been asked by many people to comment on them. One is Bobby Holley’s Mozilla blog post announcing that Firefox 150 ships fixes for 271 vulnerabilities identified by Claude Mythos Preview. The other is MFSA 2026-30, the canonical Firefox 150 security advisory. Mozilla published both on the same day.

The two documents describe the same release and yet, I’m here to tell you, they do not agree with each other.

Integrity, It’s the New Privacy

MFSA 2026-30 lists 41 CVE entries, three of which are the standard memory-safety roll-ups. Three individual CVEs carry the credit string “using Claude from Anthropic.” That’s it. That’s the entire Mythos Preview footprint that I have found in the Firefox 150 public record.

If that’s our entire public record of what Mythos Preview shipped in Firefox 150, then what? The blog’s claim of 271 for some reason exceeds the advisory’s ceiling by a factor of more than 90. I mean that’s a rather notable difference of 268.

It seems to me the prior round, which tells us what the unit of account used to be, matters now more than ever.

MFSA 2026-13 shipped the Firefox 148 advisory in February. Fifty-one CVEs listed. Twenty-two credited to Anthropic. Mozilla’s February blog post said 22. The advisory and the blog post agreed to the CVE. One-to-one.

Anthropic’s own red team write-up on the Opus 4.6 round described submitting 112 bug reports to Firefox, every one confirmed a true positive. Those 112 submissions produced 22 shipped CVEs.

That gives us a funnel of roughly 5:1. Anthropic claimed zero false positives, so this is a dedup-and-triage funnel. Duplicates of known issues, defects fixed without a CVE, findings rolled into omnibus memory-safety entries. The public framing collapsed that detail silently and quoted only the downstream number for reasons I can’t explain.

Now use the same arithmetic on Firefox 150. If 271 is the submission count and the advisory shows 3 shipped CVEs, then we jump to 90:1.

Uhhh, tap, tap, is this thing working? How did we lose 5:1? Where did 1:1 go? Either Mythos Preview’s yield-to-shipped-CVE ratio degraded by a factor of eighteen against Opus 4.6, or the blog quietly changed what it counts between February and April without telling us.

When I read this new April 21 post I am being asked to compare 271 to 22 as if they measure the same thing.

But … deep voice of dramatic warning … these cannot measure the same thing.

I Love a Good Mystery

I think it’s safe to start from the assumption that memory-safety roll-up CVEs are the standard vehicle for batching fuzzer-class output at Mozilla. If Mythos findings had been absorbed into roll-ups the way fuzzing output normally has been, then roll-up bylines would show it. And let’s be honest, roll-ups are a derivative of operator fatigue with bug reporting automation. Another day, another thousand bug reports. Now look at CVE-2026-6784, 6785, and 6786 as credit to the Mozilla engineers and the Mozilla Fuzzing Team, with Anthropic on none of them. That closes our roll-up hypothesis.

Cross-release spillover also looks like a weak explanation. Same-day companion advisories MFSA 2026-31 through 2026-34 carry 1, 2, 3, and 2 Claude credits respectively. That gives a ceiling of 11 Claude credits across the April 21 disclosure batch. That’s over 20x short.

And that 11 is the optimistic ceiling, assuming zero overlap between the Firefox, Firefox ESR, and Thunderbird entries. Since all three products share Gecko, the realistic overlap is most of it, and the true non-duplicate count is closer to the FF150 three.

Credit as Clue

It gets interesting because Bobby Holley’s post muddies the case:

Elite security researchers find bugs that fuzzers can’t largely by reasoning through the source code. This is effective, but time-consuming and bottlenecked on scarce human expertise. Computers were completely incapable of doing this a few months ago, and now they excel at it. So far we’ve found no category or complexity of vulnerability that humans can find that this model can’t.

The credits do not support this framing.

Twenty-three of the twenty-five Anthropic-credited CVEs across MFSA 2026-13 and MFSA 2026-30 sit in memory-safety code: use-after-free, invalid pointer, bounds, integer overflow, JIT miscompilation, undefined behavior. The remaining two are mitigation bypasses in the HTML parser and the networking cache, which still sit comfortably inside the attack surface of existing fuzzers. The components are JavaScript engine, WebAssembly, DOM object graph, A/V pipeline, IndexedDB, ImageLib, HTML parser, network cache. I don’t know about you, but I’m looking at the canonical fuzzing target zone. jsfunfuzz, Grizzly, domino, and Mozilla’s own fuzzing team have worked the exact same surface for a decade.

Zero Anthropic credits appeared on the bugs the blog’s framing implicitly promised: sandbox escapes, same-origin violations, privilege escalation in the debugger or the messaging system, cookie-path mitigations, WebAuthn spoofing. Those all went to human reporters on both releases, with names attached.

Look, I’m not saying a chainsaw isn’t a danger to someone who unleashes it randomly. I’m saying in this case, the shape of the evidence says Claude is a productive additional memory-safety finder against C++. It can saw fast, it can cut, like saws are supposed to do when you put them against wood. Granted. But I’m struggling to jump from that to finding a class of bug that existing tools cannot reach. “This chainsaw finds trees humans can’t see” just doesn’t cut it for me without any proof of such a claim, pun not intended.

Open to Debate

We still have work to do, following this transparency game of vulnerability disclosure. It makes me want to take the boardgame Clue and update it for the Mozilla-era kids to play. It was Colonel Mythos with the fuzzer in the memory stack.

Maybe the 271 was a pre-triage submission count. If so, Anthropic owes the same funnel disclosure the Opus 4.6 write-up provided: submissions, duplicates, true positives, shipped CVEs. Without it, the comparison to 22 is not a comparison.

Maybe the 271 includes fixes Mozilla deemed non-exploitable and closed without CVEs. If so, the claim is 271 code defects with security potential, not 271 vulnerabilities. The word choice matters.

Maybe the 271 is an instance-count where one bug pattern recurs across multiple files. Static analysis tools count the same way and report similar figures. That sounds reasonable. It also reduces to the capability profile of existing static analysis, which brings us back to the problem of accuracy in the blog post.

Each of the three helps clarify. None of them matches the plain reading of the blog.

The announcement says Firefox 150 ships fixes for 271 vulnerabilities identified by Mythos Preview. The advisory says 3.

Looking Back on My April 13 Post

Right away I flagged an odd absence of partner-specific findings. My patience held for eight days. On the ninth day Mozilla published meat for me to dig into and… unfortunately their specific number does not survive a lookup against the advisory that Mozilla published at the same time.

It’s better than silence, of course, because now we have a concrete claim that collapses. They control the reporting, they control these numbers. This is now a worse outcome for the verification posture. It’s a cleaner outcome for the diagnosis, not that I wanted it this way. In proper security discipline we walk around saying “I know I’m wrong, I hope I’m wrong, prove me wrong, I must be wrong” constantly. And then we’re right? Unfortunate.

Keep Your Eyes Peeled

Am I on the edge of my seat? Not really. There are now three Anthropic-credited FF150 bugs behind Bugzilla embargoes that will lift over the next 6 to 12 months. Then the per-bug reporter fields will confirm additional Claude credit folded into currently-restricted entries, or they will not. In either case the 268 gap isn’t closed.

MFSA 2026-35 ships with Firefox 151 in mid-May, on Mozilla’s standard four-week cadence. If the missing 268 are deferred findings still working through triage, then we will see a climb in the credit count. If the May advisory shows another three-credit drip, the 271 figure is going to need another round of scrutiny.

Anthropic’s 90-day Glasswing report should be here in July. That is when the 271 hopefully is made transparent. After that, this big headline-making splash number can’t hide anymore.


Tesla is Pouring Cancer Into Texas

Hexavalent chromium.

Arsenic.

Where? Tesla’s lithium refinery wastewater near Corpus Christi. In a ditch.

Both are IARC Group 1 carcinogens.

Both are absent from Tesla’s state wastewater permit. Why can Group 1 carcinogens be dumped by Tesla on Texas without a permit? Texas Commission on Environmental Quality (TCEQ) tested the discharge in February and certified compliance. They tested for dissolved solids, oil and grease, chlorides, sulfates, temperature, oxygen.

The regulator skipped heavy metals. The permit omits them. The permit also omits lithium, the substance the facility exists to produce.

Lithium.

Think about it. The regulator testing the Lithium plant didn’t test for… lithium.

Before issuance, TCEQ executive director Kelly Keel told the public the wastewater would be free of residual lithium, chemical runoff, or other harmful pollutants. He sounds a bit overconfident. That’s like a CISO telling you the code will be bug free. Yeah, your job is to admit that code is NEVER bug free. You’ve already failed.

Well, guess what? Eurofins found all three.

Eurofins Environment Testing, an accredited lab with locations across the globe, reported traces of hexavalent chromium, a well-known carcinogen, and arsenic, an environmental poison. Nueces County Drainage District No. 2, which manages the ditch, commissioned the test.

Neither hexavalent chromium nor arsenic is included as an allowable discharge pollutant in Tesla’s wastewater permit.

Frank Lazarte, attorney for Nueces County Drainage District No. 2, identified lithium, strontium, and vanadium as a chemical signature pointing back to the battery processing facility. Volunteer engineer Aref Mazloum called the lithium trace a fingerprint at a crime scene.

The district sent Tesla a cease and desist last week.

Good luck with that. Might as well ask Tesla to make door handles work in a crash so survivors aren’t burned to death.

Tesla discharges 231,000 gallons of refinery wastewater into the ditch every day. The water flows to Petronila Creek, then to Baffin Bay. People eat fish caught there. The sampled water measured ten to twenty times saltier than normal surface water. The ditch walls are losing their vegetation, which raises flood risk for the homes the drainage district exists to protect.

Robstown sits sixteen miles west of Corpus Christi, a city preparing to impose emergency water restrictions in September if the reservoirs keep dropping.

The refinery blew nearly a billion dollars to build. And then the drainage district learned after the fact that it was receiving the discharge when workers found an unfamiliar pipe stretched across the easement.

For some reason, I don’t know, maybe a corrupt one, the TCEQ excludes local drainage districts from the permitting process that results in Group 1 carcinogens being poured out.

The big hat regulator says they perform accountability. We see no cattle, however, because the permit structurally prevents it.

Cash is Back, Baby!

Australians are using more cash, because cash is cool. Cash is availability. Cash is privacy.

The Reserve Bank of Australia survey shows the share rising for regular purchases after two decades of displacement by payment card brand pressure.

Two-thirds of the population values cash highly. Three-quarters carry banknotes, median $65 in the wallet. The 2026 laws mandated acceptance at groceries and petrol stations, and banned surcharges on cards and digital. Policy followed a strong and growing cash preference.

Germany Kept the Flame Alive

Even to this day 53% of German transactions are in cash, slightly above the eurozone average. Germans carry €103 in the wallet, the highest in Europe. Two-thirds want cash preserved, as in the Australian study. More than 70% want current or expanded use. The Bundesbank treats cash access as critical infrastructure and tracks ATM reach and merchant acceptance accordingly.

Australia is cash. The public said keep it that way. Parliament wrote it down. Berlin said welcome to the future.