17h ago

Anthropic Mythos AI uncovers macOS M5 kernel vulnerabilities

1043.7K3131.6K1.1M

——0——

Anthropic Mythos AI enabled researchers to find two previously unknown macOS kernel vulnerabilities on M5 silicon. The flaws were chained into a privilege-escalation exploit that bypassed Memory Integrity Enforcement. The work took five days and roughly $35,000 in API usage. Researchers delivered a 55-page report to Apple headquarters. The demonstration on an M5 Max under macOS 26.4.1 produced the first public macOS kernel memory-corruption case on M5 hardware.

Original post

#1014@ROHANPAUL_AI @ROHANPAUL_AI

Rohan Paul@ROHANPAUL_AI

WSJ: Anthropic’s Mythos helped researchers find 2 unknown macOS kernel bugs and turn them into a working privilege escalation exploit in 5 days. The target was the macOS kernel, the deepest layer of Apple’s desktop operating system, where code controls memory, processes, permissions, and access to hardware. Mythos helped connect 2 separate flaws with extra exploitation techniques, which means the attack did not rely on one bug but on a chain where each step made the next step possible. The exploit allegedly corrupted memory, bypassed Apple’s memory integrity protections, and gained access to protected parts of the system that normal apps should never reach. This is serious because modern macOS defenses are built to make memory bugs hard to convert into control of the machine, not just hard to find. Mythos can become so powerful here because vulnerability research is a search problem with many dead ends, where the model can help form hypotheses, inspect code behavior, reason across low-level constraints, and suggest exploit paths faster than manual work alone. --- wsj .com/tech/ai/anthropic-mythos-apple-macos-bug-339da403

4:41 PM · May 14, 2026

Cluster engagement

49 snapshots

Reposted by

#1014@ROHANPAUL_AI

#43@CHRSZEGEDY

QUOTE POST

#1494Chubby♨️@KIMMONISMUS

Three researchers used Anthropic's Mythos to build a working macOS kernel exploit that bypasses Apple's M5 Memory Integrity Enforcement, a security system Apple spent five years and billions of dollars building.

Bug found April 25. Working exploit May 1. Walked into Apple Park to deliver the report in person.

MIE was the flagship security feature of the M5 and A19, designed to kill the entire memory corruption bug class. According to Apple's own research, it disrupted every known public exploit chain against modern iOS.

Calif didn't break MIE. They walked around it. Data-only attack, no pointer manipulation, standard syscalls from an unprivileged user to root.

The 55-page technical report drops after Apple patches. This is the story of the year in cybersecurity.

8:52 AM · May 16, 2026 · 2.1K Views