A multi-stage verification process has the agent attempt to disprove its own findings to cut false positives and offer remediation directives engineers can apply.

Claude Code has been launched with advanced Code Review capabilities, shifting toward a collaborative agent for code analysis and security research.

This marks a shift from static analysis to agentic development, with Claude Code as a high-velocity enterprise tool for rapid secure code review and remediation.

In a Mozilla collaboration, Anthropic’s Claude Opus 4.6 identified 22 vulnerabilities in Firefox within two weeks, including 14 high-severity issues, as part of testing AI-driven bug finding in real-world software.

Most high- and medium-severity issues were fixed in Firefox 148, with further patches planned for future releases as some bugs remained in later updates.

Claude flagged 112 unique reports across nearly 6,000 C++ files, including a Use After Free vulnerability with a proposed patch.

Experts note that AI scales vulnerability detection but still relies on humans for validation and managing exploitation risk, highlighting dual-use concerns as capabilities evolve.

The collaboration demonstrates AI as a promising tool to augment cybersecurity, improving ongoing vulnerability detection and remediation in software security.

Experts foresee AI models like Claude expanding in cybersecurity for detecting and remediating vulnerabilities across complex projects, urging maintainers to act quickly to fortify defenses.

Anthropic’s CEO stated that the DoD designation is limited to Pentagon contracts and does not bar commercial use of Claude in non-defense applications.

Auto-Accept Mode enables Claude to autonomously write code, run tests, and iterate, while humans remain the final gatekeepers for critical business logic.

In controlled exploits testing, some protections like sandboxing were disabled and a verification system provided real-time feedback to help refine Claude’s approach.