short
- A security firm claims to have built a working vulnerability into MacOS targeting Apple’s M5 chip and memory integrity enforcement system.
- The company says a preview version of Anthropic’s Claude Mythos AI helped identify bugs and aid in exploit development.
- Apple has not yet commented publicly on these allegations.
Apple devices have long been considered among the most difficult consumer systems to hack due to the company’s integrated hardware and software security. Now, a security startup claims that a small team of researchers used a preview version of Anthropic’s Claude Mythos to build a working exploit against Apple’s new M5 chip security in less than a week.
In Substack share published On Thursday, Vietnam-based Calif said it had developed what it describes as the first public macOS kernel memory corruption exploit able to survive Apple’s new memory integrity protections, or MIE, on M5 devices. Califf said she shared the findings with Apple at a meeting held at the tech giant’s headquarters in California.
“We wanted to report this personally, rather than get buried in the submission deluge that some unfortunate Pwn2Own participants were subjected to,” Kalev wrote. “Most respectable hackers avoid human interaction whenever possible, so this physical strategy may give us a slight advantage in the eternal race for five minutes of fame and glory on Twitter.”
According to Calf, the “attack path” was discovered by accident after researchers found the bugs on April 25, and then developed an effective vulnerability by May 1.
The exploit chain targets macOS 26 running on Apple M5 systems. According to the company, the attack starts from an unprivileged local user account and escalates to root access using standard system calls. This exploit is said to combine two vulnerabilities and additional techniques targeting bare metal M5 devices with kernel MIE enabled.
Califf said Mythos Preview helped identify vulnerabilities and assist during development of the exploit, but added that human expertise was still necessary to bypass Apple’s new MIE protections.
“Part of our motivation was to test what is possible when the best models are paired with experts,” the company wrote. “Getting a kernel memory corruption exploit against the best protections within a week is noteworthy, and says something powerful about this pairing.”
Memory corruption errors remain one of the most common ways attackers compromise operating systems and applications, because they can allow the attacker to crash software, steal data, or even take control. Apple’s MIE feature uses memory tagging technology to make these attacks more difficult.
Anthropic released a preview version of Mythos in April after internal testing and external evaluations indicated the model could autonomously identify and exploit software vulnerabilities at a level beyond previous general AI models.
Instead of going public, Anthropy restricted Access to technology companies, banks and researchers selected hereunder Glasswing Project initiative. In the same month, it was also revealed that the US National Security Agency was Use The legends though persist runner Between Anthropic and the Donald Trump administration.
Mozilla later said Mythos had been identified 271 Firefox vulnerabilities during internal testing, while the UK’s AI Security Institute Found The model can independently complete complex multi-stage cyber attack simulations.
Users on Myriad — the prediction market platform you operate DecryptionDastan’s parent company, doesn’t think the full release of Claude Mythos is imminent, it’s in the works Only 10.5% chance of going public By June 30, as of this writing.
Kalev described the Apple M5 vulnerability as a “glimpse of what’s to come.”
“Apple built MIE in a pre-Mythos Preview world,” Kalev wrote. “We’re about to learn how the best mitigation technology on Earth holds up during the first AI bug.”
Daily debriefing Newsletter
Start each day with the latest news, plus original features, podcasts, videos and more.
