The important AI security story this week is not that a model found some bugs. It is that large software teams are starting to treat AI bug hunting like infrastructure.

Microsoft announced MDASH, a multi-model agentic scanning harness that helped its security researchers find 16 new Windows vulnerabilities across networking and authentication components. Four were Critical remote code execution flaws. The same system scored 88.45 percent on CyberGym, a public benchmark built from 1,507 real vulnerability reproduction tasks across 188 open source projects.

Mozilla published its own behind-the-scenes account of hardening Firefox with Claude Mythos Preview and other models. The Firefox team says it fixed 271 bugs identified by Claude Mythos Preview for Firefox 150, shipped 423 security fixes in April, and had to build the surrounding machinery for targeting, deduplication, triage, patching, and release management.

Put those together and the pattern is clear. The defensible product is not a chatbot that stares at source code. It is a workflow that can pick promising targets, generate hypotheses, force those hypotheses through proof, suppress junk, route real findings to owners, and get patches shipped.

The Model Is Only One Part Of The Machine

Microsoft is explicit about this. MDASH uses more than 100 specialized agents across stages such as preparation, scanning, validation, deduplication, and proof construction. Some agents audit. Others debate whether a finding is reachable and exploitable. Others try to build inputs that actually trigger the bug.

That matters because vulnerability discovery has always had a false-positive tax. A tool that produces plausible but wrong findings can waste more engineering time than it saves. The new systems are interesting because they push beyond static suspicion. They try to prove that a bug exists before it becomes somebody else's triage burden.

Mozilla describes the same lesson from the open source side. Earlier LLM audits were promising but too noisy to scale. The step change came from agentic harnesses that could create and run reproducible test cases, then plug into Firefox's real security lifecycle. In other words, the breakthrough was not merely better language modeling. It was the ability to put the model inside a system that behaves like a serious security process.

Why This Changes The Economics Of Defense

Security has always been a labor market problem. Skilled auditors are scarce, complex code bases keep growing, and the attacker only needs one good path through the mess. If AI systems can increase the number of credible findings that defenders can validate and patch, the economics shift.

That does not mean every project can suddenly run a Microsoft-scale harness. It does mean the direction of travel is obvious. High-value code bases will be scanned continuously. Security teams will maintain project-specific context for their agents. Fuzzing, static analysis, code search, build systems, and issue trackers will become tools inside larger AI-directed loops.

The near-term winners will not be the teams with the boldest model claims. They will be the teams with the cleanest engineering interfaces. Can the system build the target? Can it run tests in isolation? Can it preserve reproducers? Can it identify the owning subsystem? Can it compare a suspected pattern against the rest of the code base? Can it hand a human reviewer a tight patch and a reason to trust it?

This Also Raises The Bar For Attackers

The same capabilities can help offensive work, and that risk is real. But the defender has one structural advantage: access. Microsoft can run MDASH against Windows internals. Mozilla can run its pipeline against unreleased Firefox code, connect it to existing fuzzing infrastructure, and patch before the public ever sees the vulnerable release.

That is the strongest argument for moving quickly. The best defensive use of AI is not waiting for a scanner to report bugs after release. It is making latent vulnerabilities more expensive to keep alive inside the development cycle.

Open source maintainers should take a pragmatic lesson from Mozilla's post. Do not invite unfiltered AI bug reports into your issue tracker and call that progress. Build a harness. Start narrow. Target high-risk files. Require reproducible test cases. Track the false-positive rate. Make the pipeline fit the project instead of making maintainers absorb a flood of guesswork.

The Takeaway

AI bug hunting is crossing the line from spectacle to operations. Microsoft showed the enterprise version: a large, model-agnostic harness wired into Windows security engineering. Mozilla showed the browser version: an agentic pipeline that found hundreds of real issues but only mattered because the project could fix, ship, and explain them.

The next security stack will not ask which single model is the cleverest auditor. It will ask which organization can turn models, tools, proofs, and release discipline into a reliable bug-killing machine.

Sources: Microsoft Security's MDASH announcement, Mozilla Hacks' Firefox Mythos post, and UC Berkeley's CyberGym benchmark page.