In brief
A security firm claims it built a working macOS kernel exploit targeting Apple’s M5 chip and Memory Integrity Enforcement system.
The company says a preview version of Anthropic’s Claude Mythos AI helped identify bugs and assist with exploit development.
Apple has not yet publicly commented on the claims.
Apple devices have long been considered among the hardest consumer systems to hack because of the company’s tightly integrated hardware and software security. Now, a security startup claims a small team of researchers used a preview version of Anthropic’s Claude Mythos to build a working exploit against Apple’s new M5 chip protections in less than a week.
In a Substack post published Thursday, the Vietnam-based Calif said it developed what it describes as the first public macOS kernel memory corruption exploit capable of surviving Apple’s new Memory Integrity Enforcement, or MIE, protections on M5 hardware. Calif said it shared the findings with Apple in a meeting at the tech giant’s headquarters in California.
“We wanted to report it in person, instead of getting buried in the submission flood that some unlucky Pwn2Own members just experienced,” Calif wrote. “Most revered hackers avoid human interaction whenever possible, so this physical technique could give us a slight edge in the everlasting race for 5 minutes of fame and glory on Twitter.”
According to Calif, the “attack path” was discovered by chance after researchers found the bugs on April 25, then developed a working exploit by May 1.
The exploit chain targets macOS 26 running on Apple M5 systems. According to the company, the attack begins from an unprivileged local user account and escalates to root access using normal system calls. The exploit reportedly combines two vulnerabilities and additional techniques targeting bare-metal M5 hardware with kernel MIE enabled.
Calif said Mythos Preview helped identify the vulnerabilities and assist throughout exploit development, but added that human expertise was still necessary to bypass Apple’s new MIE protections.
“Part of our motivation was to test what’s possible when the best models are paired with experts,” the company wrote. “Landing a kernel memory corruption exploit against the best protections in a week is noteworthy, and says something strong about this pairing.”
Memory corruption bugs are still one of the most common ways attackers break into operating systems and apps, because they can let an attacker crash the program, steal data, or even take control of it. Apple’s MIE feature uses memory-tagging technology to make these attacks much harder.
Anthropic launched the preview version of Mythos in April after internal testing and outside evaluations suggested the model could autonomously identify and exploit software vulnerabilities at a level beyond previous public AI models.
Rather than release it publicly, Anthropic limited access to select technology companies, banks, and researchers under its Project Glasswing initiative. That same month, it was also revealed that the U.S. National Security Agency was using Mythos despite an ongoing feud between Anthropic and the Donald Trump administration.
Mozilla later said Mythos identified 271 vulnerabilities in Firefox during internal testing, while the U.K.’s AI Security Institute found the model could autonomously complete sophisticated multi-stage cyberattack simulations.
Users on Myriad—a prediction market platform operated by Decrypt’s parent company, Dastan—don’t believe a full release of Claude Mythos is imminent, penciling in just a 10.5% chance of a public release by June 30, as of this writing.
Calif called the Apple M5 exploit “a glimpse of what’s coming.”
“Apple built MIE in a world before Mythos Preview,” Calif wrote. “We’re about to find out how the best mitigation technology on Earth holds up during the first AI bugmageddon.”