Security researchers use Anthropic Mythos to expose macOS vulnerabilities on Apple M5 chips

Researchers used Mythos to crack macOS.

Researchers at the security firm Calif say they used Anthropic's cybersecurity AI to create a privilege escalation exploit, the Wall Street Journal reports: Last September, Apple said it leveraged its hardware and operating system expertise into a technology called Memory Integrity Enforcement (MIE), which it described as "the culmination of an unprecedented design and engineering effort, spanning half a decade." With Claude, building the code that exploited the two MacOS bugs took five days, Calif says.

First Apple M5 memory exploit discovered using Anthropic AI, gives root access on MacOS -- Claude Mythos helps security researchers bypass Memory Integrity Enforcement

AI-assisted security research is producing exploits at a frightening rate. Thanks to AI-assisted security research, hackers with hats of various colors are finding exploits everywhere. Linux has had its worst week in years with the CopyFail and Dirty Frag root-gaining vulnerabilities, and things aren't much rosier at Microsoft, thanks to the YellowKey BitLocker bypass, as well as GreenPlasma and RedSun privilege-gaining exploits. Now, it's Apple's turn with a local privilege escalation that gets past the M5 chips' much-vaunted Memory Integrity Enforcement (MIE). There aren't many technical details, but the vulnerability is simple in practice: run a command as a standard user and gain root (administrator) access to the machine. Macs are rarely servers, so the practical impact is limited. However, the exploit remains concerning, as it's relatively easy to trick a user into running it and, with full system control, also hard to find and remove. The research team in question is named Calif, and as far as they know, the boffins there are the only ones making a public disclosure of this issue. Such assumptions are tricky in this day and age, though. Mercifully for Captain Cook's ship, instead of being a zero-day reveal out of nowhere that left systems administrators scrambling, the exploit in question was disclosed to the company in advance (in person, no less). Calif published the vulnerability overview as part of a series of blog posts called the Month of AI-Discovered Bugs, since this new Apple vulnerability falls within a set of security findings aided by AI tools -- in this case, Anthropic's Mythos Preview. The researchers tested their code on an Apple M5 machine and macOS 26.4.1. The exploit chain impressively sneaks past MIE, a security feature present on M5 and A19 chips that labels each 16-byte memory slice with a 4-bit tag associated with the pointers that use it. MIE is enforced at the hardware level in a hypervisor-like configuration and effectively protects against most common classes of security exploits, namely, but not only, buffer overflows and use-after-free vulnerabilities. As an oversimplification, MIE ensures that any memory read or write operation acts on the data that it was originally meant to, even at the kernel level. If that doesn't happen, either your application has a bug, or someone's up to shenanigans. The base feature is part of ARM MTE, and MIE is an Apple-added layer that enforces the said checks at the hardware level, with purportedly little to no performance overhead, and only 3% memory wastage. This blog post goes into more detail on the subject, and it's quite an interesting read. Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.

Fears of unfettered hacking spurred by Anthropic's Mythos AI model overstated

May 20 (Reuters) - Early fears that Anthropic's new AI model, Mythos, could dramatically turbocharge hacking are looking overstated a month after its release. The company warned at launch in April that Mythos had uncovered thousands of software vulnerabilities -- including flaws across every major operating system and browser -- and said the fallout from its spread could be severe. Governments took notice. Officials in multiple countries huddled with banks to assess risks, and by early May the White House was weighing rules to control how new models are released after safety testing. But inside the cybersecurity world, the reaction has been more measured -- with some saying the broader response has been overblown, and that access to a Mythos-level large language model will not immediately enable hacking operations previously out of reach for bad actors. "I think there's a really big communication gap between practitioners and policymakers," said Isaac Evans, founder and CEO of software security firm Semgrep. The model represents "a real technical advance," he said, but the response "is not substantiated by what we actually know about how those capabilities will translate in the field." To be sure, experts who have used the model in controlled environments have reported substantial, opens new tab improvement in vulnerability discovery, and banking industry IT staffs are working to fix scores of system weaknesses in large and small bank technology stacks, Reuters reported on May 12. The worry has been ⁠heightened further by continued revelations of criminal and state-linked hacking cases involving AI, including Google's announcement on May 11 that it had detected the first-ever case of a major cybercrime group using AI to discover a previously unknown software flaw and planning a mass exploitation event. PRACTITIONERS SEE MEASURED RISK The gap between the extent of the threat seen by security professionals and that seen by policymakers has fueled a narrative that puts Mythos at the center of a looming security crisis -- even as comparable capabilities have been available for some time. "We've been able to use AI to find more bugs than we know what to do with for months if not years," said one person with extensive vulnerability research experience with early access to Mythos. The challenge is not finding vulnerabilities, they said, but validating, prioritizing and fixing them without breaking systems. Organizations' ability to process and validate a flood of newly discovered vulnerabilities is generally not where it needs to be, the person said, and that is the bigger challenge introduced by Mythos-level models, even as they acknowledged that the model is an improvement. "It is capable of finding more with a weaker prompt than the models that came before it," the person said, referring to the instructions a user provides the model to attempt to achieve a goal. Existing models required more detailed and complicated instructions, the person said, meaning the barrier to entry has been lowered. Anthony Grieco, senior vice president and chief security and trust officer at Cisco (CSCO.O), opens new tab, said one new ⁠and helpful aspect of Mythos is its ability not only to identify vulnerabilities, but to scan much faster vast amounts of code for those vulnerabilities and help experienced practitioners lower the rate of false positives. This, he said, allows defenders to focus on the most pressing cyber risks in their contexts. The model also has fewer guardrails than previous models, allowing users to craft more specific instructions that enable activities that previous models would not. PROJECT GLASSWING TESTS DEFENSES Grieco said to fully maximize the power of Mythos, organizations need both proper computing power as well as a rigorous harness, a term used to describe the computer environment within an organization where a large language model runs with specific instructions and limitations. "If you have a Formula One car but you've only ever driven a bike, you might be able to ⁠get it to go straight," Grieco said. "But you're not going to maximize the track time out of the gate." Even so, Anthropic's framing -- and its decision to invite select firms to test defenses under a program dubbed Project Glasswing -- helped push the conversation about the model well beyond typical security circles. The result: an all-hands-on-deck response that amplified both the perceived threat and the company's stature, even as the Pentagon labeled Anthropic a supply-chain risk while other parts of the government clamored for access. The White House is discussing with AI labs more widespread use ⁠of their technology, a White House official told Reuters. An Anthropic spokesperson said the company is working "closely with the U.S. government to quickly advance shared priorities," and working with the government to give more parties access to Mythos. FINDING VULNERABILITIES WITH AI IS ONLY THE START Mythos -- and to some extent OpenAI's GPT-5.5 -- has dominated national security discussions about AI. But those debates often gloss over a simpler point: vulnerability-hunting AI is not new. The real problem is what comes next. "Our adversaries have gotten really ⁠good without AI," said Cynthia Kaiser, a former senior FBI cybersecurity official now at Halcyon. "Ransomware attacks are happening in under an hour," she said, adding that most threats still don't rely on AI at all. For now, Mythos' scale and computing and infrastructure demands also limit who can use it. But those barriers are unlikely to last. "I don't think the architecture is optimized," said Nick Adam of financial-services company State Street during a panel discussion at Vanderbilt University. He pointed to the computer processing infrastructure and harness issue identified by Grieco. "There's a barrier to entry there -- but it will be solved pretty quickly." Reporting by AJ Vicens in Detroit; Editing by Chris Sanders and Matthew Lewis Our Standards: The Thomson Reuters Trust Principles., opens new tab * Suggested Topics: * Cybersecurity A.J. Vicens Thomson Reuters Cybersecurity correspondent covering cybercrime, nation-state threats, hacks, leaks and intelligence

Security researchers, aided by Anthropic's Mythos, claim to have breached macOS - Engadget

Apple's operating systems are known for their security, especially compared to their rivals in mobile and computing. Now, security researchers from a Palo Alto-based company called Calif claim they were able to breach macOS after designing a privilege escalation exploit with help from Anthropic's Claude Mythos Preview. As The Wall Street Journal reports, the exploit could be used to access parts of the MacBook that should be inaccessible and, thus, allows the attacker to take control of a Mac computer. The researchers worked with Mythos to identify the vulnerabilities and to help them with the exploit's development. Mythos Preview was able to identify the bugs quickly, because they belonged to known classes. Human expertise was still necessary to be able to design the exploit, but this shows advanced AI systems could unearth bugs and attack paths that were previously unknown and could be used by bad actors to stage security breaches. Apple is taking the researchers' findings seriously, and told The Journal: "Security is our top priority, and we take reports of potential vulnerabilities very seriously." In fact, the researchers already met with the company at Apple Park in Cupertino to discuss what they're calling the "first public macOS kernel memory corruption exploit on M5 silicon." If the details they shared sounded vague, it's because they're planning to release the full technical details of their findings after Apple fixes the vulnerabilities and attack path. Anthropic uses Claude Mythos Preview for Project Glasswing, the initiative it launched in April to prevent AI cyberattacks with AI. Glasswing participants, including Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks, can use Mythos to strengthen the security of their own projects. Mozilla, for instance, previously announced that it found and patched 271 vulnerabilities in its latest release of the Firefox browser with help from Mythos. Just a few days ago, OpenAI introduced its own cybersecurity initiative in response to Glasswing and Mythos. OpenAI's Daybreak uses its various AI models, including its specialized security agent Codex. It was designed around the premise that cyber defense should be built into software from the beginning and not just revolve around finding and fixing vulnerabilities.

New macOS vulnerabilities were exposed by Anthropic's Mythos: report - 9to5Mac

Anthropic's Mythos AI model has famously been kept fairly secret due to its apparent risk to software systems around the world. And today a new report says Mythos was used to expose macOS security vulnerabilities that Apple is investigating now. Robert McMillan, writing at The Wall Street Journal: Security researchers say they have discovered a new way of circumventing Apple's state-of-the art security technology, using techniques they discovered while testing an early version of Anthropic's Mythos AI software in April. The researchers with Calif, a Palo Alto-based security research company, say the software they wrote links together two bugs and a handful of techniques to corrupt the Mac's memory and then gain access to parts of the device that should be inaccessible. It is what's known as a privilege escalation exploit, and if it were chained together with other attacks it could be used by a hacker to seize control of the computer. McMillan says that Apple is currently reviewing the report from Calif to validate its findings. A spokesperson from Apple told the WSJ: ""Security is our top priority, and we take reports of potential vulnerabilities very seriously." The team at Calif assembled a 55-page report that it delivered in person to Apple in Cupertino containing its findings. Calif's chief executive, Thai Dong, said that the attack "couldn't have been pulled off by Mythos alone and leveraged the very human cybersecurity expertise of some of Calif's hackers." Details regarding Calif's discoveries are going to be released by the company once the underlying issues are addressed by Apple. Duong told the WSJ that he thinks the bugs "will likely be fixed pretty quickly."

Apple Alerted to macOS Security Vulnerability Uncovered With AI Tool

Anthropic recently announced Project Glasswing, an initiative that enables tech companies like Apple to use its new frontier AI model Claude Mythos Preview to find security vulnerabilities across operating systems and web browsers. The Wall Street Journal today reported that researchers at cybersecurity firm Calif used Claude Mythos Preview to uncover a new macOS security vulnerability last month. Specifically, they used the model to write code that links together two macOS bugs in a way that resulted in what is known as a privilege escalation exploit. The security researchers said the exploit would not have been possible with Mythos alone, as it still required their human expertise on top, but it nevertheless proves that AI can assist with discovering software vulnerabilities. Apple said it was reviewing Calif's report to validate the findings. "Security is our top priority, and we take reports of potential vulnerabilities very seriously," an Apple spokesperson told The Wall Street Journal. It is unclear if Apple has already patched the exploit. Apple's security notes for the macOS 26.5 update released this week mention a fix for a kernel-level vulnerability, and it credits Calif and Anthropic for discovering it. Yet, the report said that Calif only met with Apple this week and suggested that a fix was still coming. We have reached out to Apple for comment.

Anthropic's Mythos is already finding security flaws in Apple software

Anthropic's Claude Mythos is an AI that's so good at finding security flaws, the company opted not to release it publicly, instead giving access to a closed circle of security researchers and large organizations. Now, we're getting first glimpses of just how powerful Mythos (currently available only to select partners, including Apple, as Claude Mythos Preview) can be. The Wall Street Journal reported that security researchers from a Palo Alto-based company called Calif used Mythos to find a crack in Apple's macOS. In a blog post shared by Calif on Thursday, the researchers called this the "first public macOS kernel memory corruption exploit on Apple M5," and explained, without going into all the technicalities, that the exploit can be used to give an unprivileged local user complete access to the device. The exploit, the post explained, involves "two vulnerabilities and several techniques." But here's the kicker: Anthropic's Claude Mythos Preview helped them find the bugs, and assisted with exploit development. "Mythos Preview is powerful: once it has learned how to attack a class of problems, it generalizes to nearly any problem in that class. Mythos discovered the bugs quickly because they belong to known bug classes," the post said. It's unclear whether the flaw Calif found has already been patched or not. As MacRumors pointed out, Apple's release notes for macOS Tahoe 26.5, which was released on Monday, do mention a fix for a bug that was submitted by Calif in collaboration with Claude and Anthropic Research, and Calif is mentioned in two other vulnerability reports. However, in its blog post, Calif said it met with Apple "early this week," perhaps implying that the fix is yet to come. "Full technical details will be shared after Apple fixes the vulnerabilities and attack path," the post said. An Apple spokeseperson gave the WSJ a canned response to the report, saying, "Security is our top priority, and we take reports of potential vulnerabilities very seriously."

Apple Mac M5 System Exploited With Anthropic's Claude Mythos AI, Researchers Claim - Decrypt

The company says a preview version of Anthropic's Claude Mythos AI helped identify bugs and assist with exploit development. Apple devices have long been considered among the hardest consumer systems to hack because of the company's tightly integrated hardware and software security. Now, a security startup claims a small team of researchers used a preview version of Anthropic's Claude Mythos to build a working exploit against Apple's new M5 chip protections in less than a week. In a Substack post published Thursday, the Vietnam-based Calif said it developed what it describes as the first public macOS kernel memory corruption exploit capable of surviving Apple's new Memory Integrity Enforcement, or MIE, protections on M5 hardware. Calif said it shared the findings with Apple in a meeting at the tech giant's headquarters in California. "We wanted to report it in person, instead of getting buried in the submission flood that some unfortunate Pwn2Own participants just experienced," Calif wrote. "Most respected hackers avoid human interaction whenever possible, so this physical strategy may give us a slight edge in the eternal race for five minutes of fame and glory on Twitter." According to Calif, the "attack path" was discovered accidentally after researchers found the bugs on April 25, then developed a working exploit by May 1. The exploit chain targets macOS 26 running on Apple M5 systems. According to the company, the attack starts from an unprivileged local user account and escalates to root access using standard system calls. The exploit reportedly combines two vulnerabilities and additional techniques targeting bare-metal M5 hardware with kernel MIE enabled. Calif said Mythos Preview helped identify the vulnerabilities and assist throughout exploit development, but added that human expertise was still necessary to bypass Apple's new MIE protections. "Part of our motivation was to test what's possible when the best models are paired with experts," the company wrote. "Landing a kernel memory corruption exploit against the best protections in a week is noteworthy, and says something strong about this pairing." Memory corruption bugs are still one of the most common ways attackers break into operating systems and apps, because they can let an attacker crash the program, steal data, or even take control of it. Apple's MIE feature uses memory-tagging technology to make those attacks much harder. Anthropic released the preview version of Mythos in April after internal testing and outside evaluations suggested the model could autonomously identify and exploit software vulnerabilities at a level beyond previous public AI models. Rather than release it publicly, Anthropic restricted access to select technology companies, banks, and researchers under its Project Glasswing initiative. That same month, it was also revealed that the U.S. National Security Agency was using Mythos despite an ongoing feud between Anthropic and the Donald Trump administration. Mozilla later said Mythos identified 271 vulnerabilities in Firefox during internal testing, while the U.K.'s AI Security Institute found the model could autonomously complete sophisticated multi-stage cyberattack simulations. Users on Myriad -- a prediction market platform operated by Decrypt's parent company, Dastan -- do not believe a full release of Claude Mythos is imminent, penciling in just a 10.5% chance of a public launch by June 30, as of this writing. Calif called the Apple M5 exploit "a glimpse of what is coming." "Apple built MIE in a world before Mythos Preview," Calif wrote. "We're about to learn how the best mitigation technology on Earth holds up during the first AI bugmageddon."

Web infrastructure company Cloudflare says Claude Mythos reasoning 'looks like the work of a senior researcher'

It's been difficult as a layman in cybersecurity to figure out how seriously we should take all the hype and fear over Anthropic's Claude Mythos AI. But now I have something a little more concrete to grasp onto, as Cloudflare has been busy figuring out exactly what Mythos seems good for. The AI model recently swept through the cybersecurity industry and caused a stir by showing the magnitude of AI's potential threat to software security -- for instance, finding thousands of vulnerabilities in every OS and major web browser. But as a mere plebian sitting far from the techbro classes, and despite banks and other institutions rushing to reckon with it, I'd not been sure exactly how much stock to put behind the stink the AI model was causing. Checking over Cloudflare's analysis earlier today, however, has given me a little bit of a better idea. The company has been part of Anthropic's Project Glasswing. The idea behind this project (and presumably Mythos in general) seems to be to get in ahead of any bad actors in the AI arms race. It essentially has Anthropic as the 'good guy' that gets companies secured against the latest AI threats to cybersecurity, by using AI to identify the same threats a bad actor might. Anthropic explains: "Claude Mythos Preview is a general-purpose, unreleased frontier model that reveals a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities... Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes." Glasswing gives selected important tech companies access to Mythos Preview to "scan and secure both first-party and open-source systems", with Anthropic giving up to $100 million of credits for them to use. The companies include Amazon Web Services, Apple, Google, Microsoft, Nvidia, and more, including Cloudflare. It might seem strange to have your cybersecurity strategy raise vulnerabilities to light that bad actors could, in theory, exploit, but that's nothing new: companies often hire 'red teams' to do such things so they can patch them. This is essentially the same idea, but on a whole new scale, given the use of AI. Overall, Cloudflare is impressed with Mythos, saying it's a "real step forward... not just a refinement of what came before... what changed with Mythos Preview is that a model can now take those low-severity bugs (which would traditionally sit invisible in a backlog) and chain them into a single, more severe exploit." Two features that Cloudflare says stood out about Mythos during the company's testing were its "exploit chain construction" (ie, its ability to chain vulnerabilities together intelligently into a single attack) and "proof generation" (ie, actually demonstrating that what it comes up with works). The model isn't perfect, however -- would one expect a "preview" to be so? Cloudflare, for instance, found it would sometimes pop up guardrails that didn't make sense, preventing legitimate security research. The company also seems to suggest that a lot of people have been thinking about Mythos somewhat incorrectly, focusing on how quickly it can find vulnerabilities for quick patching. And it discovered (the hard way) that it's better to use the AI model in a more directed and split-up way rather than just setting one Mythos agent to a big review with hands off. If you just set it to check out a giant codebase, it might struggle to maintain relevant context throughout the entire process in a way that a human researcher wouldn't. "Using the model directly in a coding agent turns out to be fine for manual investigation when a researcher already has a lead and wants a second pair of eyes. However, it's the wrong tool for achieving high coverage." The company ultimately found that using Mythos effectively means using a 'harness' that narrows its scope, relying on a second agent to clear signal from noise, and using multiple agents along the chain as well as in parallel. In other words, it seems like having lots of Mythos 'worker' with specific tasks works better than trying to have one super-worker Mythos taking on the entire codebase. Moving forward, rather than using Mythos solely with a focus on patching faster, Cloudflare thinks people's focus should be on architecture: "The harder question is what the architecture around the vulnerability should look like. The principle is to make exploitation harder for an attacker even when a bug exists, so that the gap between when a vulnerability is disclosed and when it is patched matters less. That means defenses that sit in front of the application and block the bug from being reached. It means designing the application so that a flaw in one part of the code cannot give an attacker access to other parts. It means being able to roll out a fix to every place the code is running at the same moment, rather than waiting on individual teams to deploy it." Exactly how Cloudflare plans to use Mythos in this way is something the company is still keeping close to its chest, but it says it will "share more on what that means for customers in the weeks ahead." Cloudflare is far from unfamiliar with AI. The company has previously said that "increasingly the distinction between bots and humans is moot", at least when it comes to how websites (which often run through Cloudflare servers) treat users. So I suppose it's no surprise the company is diving into a heavily agentic approach to cybersecurity. Though if Mythos really is as much of a leap ahead as the company is suggesting, it might be a case of 'get to it before your adversaries do' -- the AI arms race churns on whether we want it or not.

Myhtos reportedly helped researchers uncover macOS exploit

Anthropic's advanced artificial intelligence tools for finding software vulnerabilities have drawn significant media attention. In March, Mozilla researchers reported that Anthropic's Claude Opus 4.6 identified 14 high-severity bugs and 22 CVEs in two weeks, surpassing the performance of human researchers at Mozilla. Using a trial version of Anthropic's Mythos model, security researchers from Calif, a Palo Alto-based cybersecurity firm, claimed to have bypassed security measures of Apple's macOS. They stated that a "privilege escalation exploit," combined with another attack vector, could enable malicious actors to gain control of a target device. The researchers explained they developed software linking two separate bugs and employed various techniques to "corrupt the Mac's memory" to access restricted components. Discovery of the exploit took five days, requiring collaborative effort from human hackers and the Mythos model. Apple is currently reviewing the researchers' report to verify its findings. "Security is our top priority, and we take reports of potential vulnerabilities very seriously," an Apple spokesperson told The Wall Street Journal. Anthropic launched Mythos, initially known as Project Glasswing, in April with access limited to around 40 selected tech companies. The company reported that Mythos has identified thousands of high-severity vulnerabilities across various operating systems and web browsers, warning of severe consequences if such capabilities fall into the hands of malicious individuals. Michał Zalewski, a Google security researcher, evaluated the findings from Calif, albeit without direct involvement in the research. He noted that while some hype surrounding Mythos may be "overblown," it still offers potential for significant vulnerability research and code auditing. Amid the discussions of Mythos's capabilities, concerns have emerged about the model's potential dangers if made publicly available. Gary McGraw, a former cybersecurity executive at Synopsys, entered the conversation, asserting that the technology is not inherently too dangerous to release. He emphasized the necessity of addressing the actual cybersecurity challenges rather than restricting access to useful tools.

Anthropic Mythos helped researchers break Apple M5 shield on macOS: Report

Apple has been informed and is now reviewing the reported security issue. Apple has long been known for strong data and device security. However, the company's reputation has come under pressure after a cybersecurity startup claimed it uncovered major flaws in macOS protections using an advanced AI model. Calif said its researchers developed a working exploit targeting Apple's latest M5 chip security system in less than a week. The company added that Anthropic's Mythos Preview AI model helped create the program used to breach macOS security. Calif said it has already shared its findings with Apple. According to reports, the Cupertino-based tech giant is now reviewing the claims and examining the reported vulnerabilities for possible security weaknesses. Calif, a Palo Alto-based research firm, said that they exploited Apple's Memory Integrity Enforcement, which is also known as MIE. MIE is a hardware-backed security feature which is used to stop memory corruption attacks. The company described its exploit as the first public macOS kernel memory corruption attack capable of bypassing MIE protections on M5 hardware. Calif also claims that it is officially the only company that has created a first publicly known programme that can attack macOS and make an actual dent in it or manipulate kernel memory while getting past the MIE security protections on Apple's M5 chips. Also read: Google may no longer give 15GB free storage to everyone: Here is the catch According to Calif, the exploit linked two software bugs and several attack techniques to access restricted parts of the operating system. The company said the attack could eventually allow hackers to take control of a Mac device if paired with other exploits. In its blog post, Calif explained how quickly the project moved. Researcher Bruce Dang reportedly found the bugs on April 25, while cybersecurity expert Dion Blazakis joined the company on April 27. Calif said Josh Maine then developed the required tools, leading to a working exploit by May 1st. The company credited Anthropic's Mythos Preview model for helping identify patterns in known exploit categories. However, Calif chief executive Thai Duong told The Wall Street Journal that human expertise remained critical because Apple's MIE system was entirely new. Also read: Google reportedly working on Gemini Spark, an always-on AI assistant: Here is what it may do Apple confirmed to The Wall Street Journal that it is reviewing Calif's report. A company spokesperson told the outlet, 'Security is our top priority, and we take reports of potential vulnerabilities very seriously.' Calif said it presented its 55-page findings directly to Apple during a meeting in Cupertino, California. The company plans to release technical details publicly after Apple addresses the vulnerabilities. Meanwhile, the case is adding to growing concerns about how advanced AI systems could reshape cybersecurity threats in the near future.