Sam: Mozilla just disclosed that Claude Mythos Preview found 271 previously unknown vulnerabilities in Firefox 150 — including bugs that have been sitting in the codebase for up to twenty years. And the way it found them matters as much as the number.

Priya: Welcome to AI Revolution for Friday, May 8th, 2026. I'm Priya Nair.

Sam: And I'm Sam Kim. Today we've got a dense one. AI-driven vulnerability discovery at scale, OpenAI opening a specialized offensive security model to vetted researchers, three new real-time voice models, SpaceX dropping a $55 billion chip fabrication bet, Anthropic leasing compute from Elon Musk's supercomputer — which is a sentence I did not expect to be saying — some movement on EU AI regulation timelines, and a genuinely interesting alignment research result. Let's get into it.

Sam: So the Firefox story. Let's talk about why this is technically interesting rather than just impressively large. The pipeline Mozilla built isn't just "run Claude on the codebase and see what it flags." That would produce a huge number of false positives and be basically unusable. What they built is an agentic loop: the model identifies a potential vulnerability, then autonomously writes a test case, builds a version of Firefox instrumented to catch that class of bug, runs the test, and uses the result to filter its own output. So it's doing the triage work that would normally fall to a human security engineer.

Priya: The false positive problem is the key constraint here. Any static analysis tool can generate thousands of potential issues. The reason teams don't just run those continuously is the signal-to-noise ratio makes them impractical. If Claude Mythos can close that loop autonomously — hypothesize, test, confirm — you've changed the economics of security auditing significantly.

Sam: And Mozilla is integrating this into pre-commit checks. Every new piece of code gets run through this before it lands. The twenty-year-old bugs are interesting for a different reason — they tell you that these weren't findable with previous automated tooling and weren't surfaced by manual review over decades of development. That's a capability gap being closed.

Priya: Which brings us directly to the other security story. OpenAI released GPT-5.5-Cyber, a model variant tuned specifically for offensive security work. It has relaxed refusal behavior — it rejects far fewer security-related requests — and it can actively execute exploits against test infrastructure. Access is gated: you have to be a verified defender of critical infrastructure. Cisco, CrowdStrike, Cloudflare are named as early partners.

Sam: What's technically interesting here is the framing of "relaxed safety guardrails." That's not removing alignment work — it's deploying a version of the model where the threat model has been recalibrated. For a general-purpose assistant, helping someone write an exploit is high-risk because you can't verify intent. For a verified CrowdStrike engineer working in a sandboxed test environment, the calculus is different. The underlying capability was always there; what's changed is the access control layer that sits in front of it.

Priya: And this is now a direct competitive front between Anthropic and OpenAI. Mythos Preview is the model Mozilla used. GPT-5.5-Cyber is OpenAI's answer. We're watching a specialized model market emerge for high-trust security use cases, which is a meaningful structural shift from the general-purpose model competition of the last few years.

Sam: Let's talk about OpenAI's voice models, because the capability jump here is real. Three new releases: GPT-Realtime-2, GPT-Realtime-Translate, and GPT-Realtime-Whisper. GPT-Realtime-2 is the headline — OpenAI says its reasoning matches GPT-5 performance, delivered in real time during a live conversation. GPT-Realtime-Translate handles 70-plus languages.

Priya: The architectural challenge here is latency-quality tradeoff. Running deep reasoning in a streaming voice context requires the model to commit to responses before it's finished generating them. Getting GPT-5-level reasoning to work under those constraints, without the conversational stuttering or lag that has plagued earlier voice models, is a real engineering accomplishment. If the benchmark holds in practice, this changes what's possible in voice-native applications — customer service, live interpretation, medical transcription.

Sam: Now two infrastructure stories that connect in a strange way. SpaceX filed a public hearing notice in Grimes County, Texas, for a chip fabrication facility they're calling Terafab. The investment figure is at least $55 billion. Elon Musk is getting into AI chip manufacturing, directly.

Priya: The context matters. The US semiconductor supply chain is heavily concentrated at TSMC. The geopolitical risk around Taiwan has been a driver of domestic fab investment — Intel's CHIPS Act facilities, the TSMC Arizona expansion. A $55 billion commitment from SpaceX is on the scale of those efforts. The question is timeline and process node. Advanced chip fabrication is extraordinarily difficult; throwing money at it doesn't compress the learning curve quickly. But as a supply chain diversification signal, it's significant.

Sam: And then there's the Anthropic-Musk story, which has a certain irony to it. Anthropic has grown 80x and burned through its own compute infrastructure. To bridge the gap ahead of what looks like an upcoming IPO, they've struck a deal to lease capacity from Musk's Colossus 1 supercomputer — the same facility built to train Grok models at xAI. Musk and Altman have had public friction. Musk has been openly critical of Anthropic. And yet here we are.

Priya: The compute crunch is severe enough that competitive dynamics take a back seat to operational necessity. Colossus 1 has the H100 density that Anthropic needs. The IPO timeline creates urgency — you can't go public while your training capacity is the binding constraint on your roadmap. It's a pragmatic deal driven by infrastructure realities.

Sam: Two policy items worth flagging. The EU's Digital Omnibus on AI pushes most high-risk AI compliance deadlines to late 2027 or 2028. Requirements are eased for small and medium businesses. Two things remain on the original timeline: nudification apps are explicitly banned now, and deepfake labeling requirements still kick in August 2026.

Priya: The delay is partly acknowledgment that the original framework was drafted faster than the technical landscape could be understood. 2027-2028 gives companies more runway, but it also reflects regulators still figuring out how to operationalize risk classification at the pace the technology is moving. The deepfake labeling deadline is the near-term compliance milestone to watch.

Sam: And the US and China are reportedly exploring formal bilateral AI talks — the first AI-specific diplomatic channel between the two nations, according to the Wall Street Journal. No details on scope yet. But a formal channel for AI governance discussions between the two countries with the most frontier capability is meaningful, whatever comes of it.

Priya: Let's end on the alignment research, because I think it's underreported relative to its implications. A study from the Anthropic Fellows Program looked at a simple intervention: before training a model on specific behaviors, train it on texts that explain the rationale behind the intended values. Why those values matter, not just what the correct behavior is. The result is significantly better adherence to those values — including in situations the model never encountered during training.

Sam: The analogy I keep coming back to is the difference between training someone with a rulebook versus teaching them the principles behind the rules. The rulebook fails on edge cases. The principles generalize. What this research suggests is that the same dynamic holds in language model training. If the model has encoded a genuine understanding of why a value matters, it can apply that reasoning in novel situations rather than pattern-matching to training examples.

Priya: The practical implication for alignment work is that the order and content of pre-training and fine-tuning stages matters in ways that aren't obvious from benchmark performance alone. It's an early-stage result, but it points toward a more principled approach to how you structure the training pipeline.

Sam: Looking ahead — the Mozilla result is going to accelerate adoption of agentic security pipelines. If 271 zero-days can surface from one run on Firefox, every major software project is now asking why they're not doing this. Expect to see this pattern replicated quickly.

Priya: The specialized security model space is one to watch closely. The question is whether the gating mechanisms — verified defenders, sandboxed environments — hold up as access scales. These are capable offensive tools. The institutional access controls are doing real work.

Sam: And the compute infrastructure picture is getting genuinely complicated. SpaceX building fabs, Anthropic on Colossus 1, the ongoing TSMC and Intel buildouts — the AI compute supply chain is being redrawn in real time, and that shapes everything downstream about who can train frontier models and when.

Priya: Have a good weekend. Show notes and links to everything we covered today are at cleartext.fm.

Sam: See you Monday.