A security startup claims its researchers used a preview of Anthropic's Claude Mythos AI to build a working exploit against Apple's new M5 chip protections in under a week.
Calif, based in Vietnam, says it developed the first public macOS kernel memory corruption exploit capable of surviving Apple's new Memory Integrity Enforcement (MIE) on M5 hardware. The company says it reported the findings in person at Apple's California headquarters.
The attack chain targets macOS 26 on M5 systems, starting from an unprivileged local account and escalating to root access using standard system calls. The exploit combines two vulnerabilities and additional techniques targeting bare-metal M5 hardware with kernel MIE enabled.
Calif says the attack path was discovered accidentally on April 25, with a working exploit developed by May 1. The company noted that while Mythos Preview helped identify bugs and assist with development, human expertise was still necessary to bypass MIE.
Anthropic released the Mythos preview in April, restricting access to select tech companies, banks, and researchers under Project Glasswing. The U.S. National Security Agency has been using Mythos despite tensions between Anthropic and the Trump administration.
Mozilla reported Mythos identified 271 Firefox vulnerabilities during testing. The UK's AI Security Institute found the model could autonomously complete sophisticated multi-stage cyberattack simulations.
Calif called the exploit "a glimpse of what is coming," noting that Apple built MIE before Mythos Preview existed.