Mythos AI Helps Researchers Crack Apple M5 Kernel Security in 5 Days
Original: Elite researchers teamed up with Anthropic's Mythos AI to smash Apple's multi-billion dollar M5 security and build a kernel exploit in just 5 days. View original →
What Happened
Researchers at Calif, working alongside Anthropic's Mythos Preview AI, developed the first publicly disclosed macOS kernel memory corruption exploit that bypasses Apple M5's Memory Integrity Enforcement (MIE). The timeline: initial bug identification on April 25th, working exploit by May 1st — five days.
Why MIE Matters
MIE is Apple's flagship hardware-assisted memory safety system, built on ARM's Memory Tagging Extension, developed over five years at estimated cost in the billions. Apple's own research shows MIE disrupts every known public exploit chain against modern iOS, including the recently leaked Coruna and Darksword exploit kits. That is what was bypassed.
AI's Role
Mythos Preview rapidly identified bugs within known vulnerability classes. Human experts provided the specialized knowledge required to circumvent MIE's advanced protections. The team explicitly credits this human-AI collaboration with enabling a small group to achieve in one week what previously required large, well-resourced organizations.
The Bigger Picture
This isn't just a security disclosure — it is a demonstration of AI-accelerated vulnerability research capability. The same tools that enabled this responsible disclosure could be applied offensively. The team delivered a 55-page technical report directly to Apple Park. The defense side of the equation now has to contend with dramatically shortened attacker timelines.
Related Articles
Why it matters: the same model Anthropic framed as too dangerous for public release was reportedly exposed twice in quick succession. The Verge says Mythos was first revealed through an unsecured data trove, then reached by unauthorized users from day one through guessed infrastructure and contractor access.
Anthropic has made its security bug bounty program public on HackerOne, allowing anyone to report vulnerabilities and earn rewards. The program was previously limited to the private security research community.
Axios reports the NSA is using Anthropic's Mythos Preview even as Pentagon officials call the company a supply-chain risk. The clash puts AI safety limits, federal cyber demand, and procurement politics in the same room.
Comments (0)
No comments yet. Be the first to comment!