A security startup named Calif has reported the successful development of a sophisticated exploit targeting Apple’s M5 chip and its Memory Integrity Enforcement (MIE) system. Remarkably, the company claims that a preview version of Anthropic’s advanced AI model, Claude Mythos, played a significant role in identifying vulnerabilities and assisting in the creation of the macOS kernel exploit in under a week.
- macOS Kernel Exploit Developed: Calif has created a functional macOS kernel exploit designed to bypass Apple’s MIE protections on M5 hardware.
- AI-Assisted Vulnerability Discovery: The startup states that Anthropic’s Claude Mythos AI was instrumental in locating the bugs and aiding the exploit development process.
- Security Implications: This development raises questions about the efficacy of current security measures against advanced AI-assisted cyber threats.
- Apple’s Response Pending: As of this report, Apple has not issued a public statement regarding Calif’s claims.
Traditionally, Apple devices are known for their robust security due to the tight integration of hardware and software. However, Calif’s announcement suggests that even these fortified systems may be vulnerable to novel attack vectors enabled by cutting-edge AI. The company detailed its findings in a Substack post, emphasizing their decision to report the exploit directly to Apple in person rather than through traditional, often overwhelmed, disclosure channels.
The exploit chain, targeting macOS 26 on M5 systems, reportedly begins with an unprivileged local user account and escalates to root access by exploiting system calls. Calif indicated that the exploit combines two distinct vulnerabilities with specific techniques designed to circumvent the M5 chip’s bare-metal protections and MIE. While the AI model was crucial in discovering the weaknesses, Calif stressed that human expertise was indispensable in overcoming Apple’s latest MIE security measures.
This initiative by Calif was partly motivated by a desire to explore the synergistic capabilities of advanced AI models like Claude Mythos when paired with human security experts. The speed at which a kernel memory corruption exploit was developed against formidable defenses highlights the potential impact of such AI-human collaborations in cybersecurity research.
Memory corruption bugs remain a primary method for attackers to compromise operating systems and applications, offering pathways to crash programs, exfiltrate data, or seize control. Apple’s MIE technology, utilizing memory-tagging, aims to significantly complicate these types of attacks.
Anthropic’s Mythos Preview, released in April, was developed after internal and external evaluations demonstrated its proficiency in autonomously identifying and exploiting software vulnerabilities, surpassing the capabilities of many previous public AI models. Anthropic has restricted access to this powerful AI, offering it to select technology companies, financial institutions, and researchers through its Project Glasswing initiative.
Earlier reports indicated the U.S. National Security Agency was utilizing Mythos. Furthermore, Mozilla reported that Mythos helped identify 271 vulnerabilities within the Firefox browser during internal testing, and the U.K.’s AI Security Institute found the model capable of executing complex, multi-stage cyberattack simulations autonomously.
Long-Term Technological Impact on the Industry
The implications of AI models like Claude Mythos significantly accelerating the discovery and exploitation of system-level vulnerabilities, as suggested by Calif’s report, could fundamentally alter the cybersecurity landscape. This development signals a potential shift towards an “AI bugmageddon,” where traditional security architectures, including those considered state-of-the-art like Apple’s MIE, face unprecedented challenges. The ability of AI to rapidly analyze complex codebases and identify intricate bugs necessitates a proactive evolution in defense strategies. Future blockchain innovation and Web3 development must inherently incorporate AI-resistant security protocols and perhaps even leverage AI defensively to counter these emerging threats. Layer 2 scaling solutions and decentralized applications will need to undergo rigorous AI-driven security audits, moving beyond conventional testing methodologies. This event underscores the urgent need for the industry to develop advanced, AI-aware security paradigms that can keep pace with—or even anticipate—AI-powered offensive capabilities, ensuring the continued integrity and trustworthiness of digital infrastructure.
Based on materials from : decrypt.co