Apple Mac M5 System Exploited With Anthropic's Claude Mythos AI, Researchers Claim

Apple devices person agelong been considered among the hardest user systems to hack due to the fact that of the company’s tightly integrated hardware and bundle security. Now, a information startup claims a tiny squad of researchers utilized a preview mentation of Anthropic’s Claude Mythos to physique a moving exploit against Apple’s caller M5 spot protections successful little than a week.

In a Substack station published Thursday, the Vietnam-based Calif said it developed what it describes arsenic the archetypal nationalist macOS kernel representation corruption exploit susceptible of surviving Apple’s caller Memory Integrity Enforcement, oregon MIE, protections connected M5 hardware. Calif said it shared the findings with Apple successful a gathering astatine the tech giant’s office successful California.

“We wanted to study it successful person, alternatively of getting buried successful the submission flood that immoderate unfortunate Pwn2Own participants conscionable experienced,” Calif wrote. “Most respected hackers debar quality enactment whenever possible, truthful this carnal strategy whitethorn springiness america a flimsy borderline successful the eternal contention for 5 minutes of fame and glory connected Twitter.”

According to Calif, the “attack path” was discovered accidentally aft researchers recovered the bugs connected April 25, past developed a moving exploit by May 1.

The exploit concatenation targets macOS 26 moving connected Apple M5 systems. According to the company, the onslaught starts from an unprivileged section idiosyncratic relationship and escalates to basal entree utilizing modular strategy calls. The exploit reportedly combines 2 vulnerabilities and further techniques targeting bare-metal M5 hardware with kernel MIE enabled.

Calif said Mythos Preview helped place the vulnerabilities and assistance passim exploit development, but added that quality expertise was inactive indispensable to bypass Apple’s caller MIE protections.

“Part of our information was to trial what’s imaginable erstwhile the champion models are paired with experts,” the institution wrote. “Landing a kernel representation corruption exploit against the champion protections successful a week is noteworthy, and says thing beardown astir this pairing.”

Memory corruption bugs are inactive 1 of the astir communal ways attackers interruption into operating systems and apps, due to the fact that they tin fto an attacker clang the program, bargain data, oregon adjacent instrumentality power of it. Apple’s MIE diagnostic uses memory-tagging exertion to marque those attacks overmuch harder.

Anthropic released the preview mentation of Mythos successful April aft interior investigating and extracurricular evaluations suggested the exemplary could autonomously place and exploit bundle vulnerabilities astatine a level beyond erstwhile nationalist AI models.

Rather than merchandise it publicly, Anthropic restricted access to prime exertion companies, banks, and researchers nether its Project Glasswing initiative. That aforesaid month, it was besides revealed that the U.S. National Security Agency was using Mythos contempt an ongoing feud betwixt Anthropic and the Donald Trump administration.

Mozilla aboriginal said Mythos identified 271 vulnerabilities successful Firefox during interior testing, portion the U.K.’s AI Security Institute found the exemplary could autonomously implicit blase multi-stage cyberattack simulations.

Users connected Myriad—a prediction marketplace level operated by Decrypt's genitor company, Dastan—do not judge a afloat merchandise of Claude Mythos is imminent, penciling successful just a 10.5% accidental of a nationalist launch by June 30, arsenic of this writing.

Calif called the Apple M5 exploit “a glimpse of what is coming.”

“Apple built MIE successful a satellite earlier Mythos Preview,” Calif wrote. “We’re astir to larn however the champion mitigation exertion connected Earth holds up during the archetypal AI bugmageddon.”