Anthropic Mythos AI helps researchers expose macOS vulnerabilities in Apple M5 systems

New macOS vulnerabilities were exposed by Anthropic's Mythos: report - 9to5Mac

Anthropic's Mythos AI model has famously been kept fairly secret due to its apparent risk to software systems around the world. And today a new report says Mythos was used to expose macOS security vulnerabilities that Apple is investigating now. Robert McMillan, writing at The Wall Street Journal: Security researchers say they have discovered a new way of circumventing Apple's state-of-the art security technology, using techniques they discovered while testing an early version of Anthropic's Mythos AI software in April. The researchers with Calif, a Palo Alto-based security research company, say the software they wrote links together two bugs and a handful of techniques to corrupt the Mac's memory and then gain access to parts of the device that should be inaccessible. It is what's known as a privilege escalation exploit, and if it were chained together with other attacks it could be used by a hacker to seize control of the computer. McMillan says that Apple is currently reviewing the report from Calif to validate its findings. A spokesperson from Apple told the WSJ: ""Security is our top priority, and we take reports of potential vulnerabilities very seriously." The team at Calif assembled a 55-page report that it delivered in person to Apple in Cupertino containing its findings. Calif's chief executive, Thai Dong, said that the attack "couldn't have been pulled off by Mythos alone and leveraged the very human cybersecurity expertise of some of Calif's hackers." Details regarding Calif's discoveries are going to be released by the company once the underlying issues are addressed by Apple. Duong told the WSJ that he thinks the bugs "will likely be fixed pretty quickly."

Apple Alerted to macOS Security Vulnerability Uncovered With AI Tool

Anthropic recently announced Project Glasswing, an initiative that enables tech companies like Apple to use its new frontier AI model Claude Mythos Preview to find security vulnerabilities across operating systems and web browsers. The Wall Street Journal today reported that researchers at cybersecurity firm Calif used Claude Mythos Preview to uncover a new macOS security vulnerability last month. Specifically, they used the model to write code that links together two macOS bugs in a way that resulted in what is known as a privilege escalation exploit. The security researchers said the exploit would not have been possible with Mythos alone, as it still required their human expertise on top, but it nevertheless proves that AI can assist with discovering software vulnerabilities. Apple said it was reviewing Calif's report to validate the findings. "Security is our top priority, and we take reports of potential vulnerabilities very seriously," an Apple spokesperson told The Wall Street Journal. It is unclear if Apple has already patched the exploit. Apple's security notes for the macOS 26.5 update released this week mention a fix for a kernel-level vulnerability, and it credits Calif and Anthropic for discovering it. Yet, the report said that Calif only met with Apple this week and suggested that a fix was still coming. We have reached out to Apple for comment.

Apple Mac M5 System Exploited With Anthropic's Claude Mythos AI, Researchers Claim - Decrypt

The company says a preview version of Anthropic's Claude Mythos AI helped identify bugs and assist with exploit development. Apple devices have long been considered among the hardest consumer systems to hack because of the company's tightly integrated hardware and software security. Now, a security startup claims a small team of researchers used a preview version of Anthropic's Claude Mythos to build a working exploit against Apple's new M5 chip protections in less than a week. In a Substack post published Thursday, the Vietnam-based Calif said it developed what it describes as the first public macOS kernel memory corruption exploit capable of surviving Apple's new Memory Integrity Enforcement, or MIE, protections on M5 hardware. Calif said it shared the findings with Apple in a meeting at the tech giant's headquarters in California. "We wanted to report it in person, instead of getting buried in the submission flood that some unfortunate Pwn2Own participants just experienced," Calif wrote. "Most respected hackers avoid human interaction whenever possible, so this physical strategy may give us a slight edge in the eternal race for five minutes of fame and glory on Twitter." According to Calif, the "attack path" was discovered accidentally after researchers found the bugs on April 25, then developed a working exploit by May 1. The exploit chain targets macOS 26 running on Apple M5 systems. According to the company, the attack starts from an unprivileged local user account and escalates to root access using standard system calls. The exploit reportedly combines two vulnerabilities and additional techniques targeting bare-metal M5 hardware with kernel MIE enabled. Calif said Mythos Preview helped identify the vulnerabilities and assist throughout exploit development, but added that human expertise was still necessary to bypass Apple's new MIE protections. "Part of our motivation was to test what's possible when the best models are paired with experts," the company wrote. "Landing a kernel memory corruption exploit against the best protections in a week is noteworthy, and says something strong about this pairing." Memory corruption bugs are still one of the most common ways attackers break into operating systems and apps, because they can let an attacker crash the program, steal data, or even take control of it. Apple's MIE feature uses memory-tagging technology to make those attacks much harder. Anthropic released the preview version of Mythos in April after internal testing and outside evaluations suggested the model could autonomously identify and exploit software vulnerabilities at a level beyond previous public AI models. Rather than release it publicly, Anthropic restricted access to select technology companies, banks, and researchers under its Project Glasswing initiative. That same month, it was also revealed that the U.S. National Security Agency was using Mythos despite an ongoing feud between Anthropic and the Donald Trump administration. Mozilla later said Mythos identified 271 vulnerabilities in Firefox during internal testing, while the U.K.'s AI Security Institute found the model could autonomously complete sophisticated multi-stage cyberattack simulations. Users on Myriad -- a prediction market platform operated by Decrypt's parent company, Dastan -- do not believe a full release of Claude Mythos is imminent, penciling in just a 10.5% chance of a public launch by June 30, as of this writing. Calif called the Apple M5 exploit "a glimpse of what is coming." "Apple built MIE in a world before Mythos Preview," Calif wrote. "We're about to learn how the best mitigation technology on Earth holds up during the first AI bugmageddon."