Apple Mac M5 System Exploited With Anthropic's Claude Mythos AI, Researchers Declare – Decrypt

Apple units have lengthy been thought-about among the many hardest client methods to hack due to the corporate’s tightly built-in {hardware} and software program safety. Now, a safety startup claims a small crew of researchers used a preview model of Anthropic’s Claude Mythos to construct a working exploit towards Apple’s new M5 chip protections in lower than every week.

In a Substack submit revealed Thursday, the Vietnam-based Calif mentioned it developed what it describes as the primary public macOS kernel reminiscence corruption exploit able to surviving Apple’s new Reminiscence Integrity Enforcement, or MIE, protections on M5 {hardware}. Calif mentioned it shared the findings with Apple in a gathering on the tech big’s headquarters in California.

“We wished to report it in particular person, as a substitute of getting buried within the submission flood that some unlucky Pwn2Own individuals simply skilled,” Calif wrote. “Most revered hackers keep away from human interplay each time attainable, so this bodily technique could give us a slight edge within the everlasting race for 5 minutes of fame and glory on Twitter.”

In line with Calif, the “assault path” was found by accident after researchers discovered the bugs on April 25, then developed a working exploit by Might 1.

The exploit chain targets macOS 26 operating on Apple M5 methods. In line with the corporate, the assault begins from an unprivileged native person account and escalates to root entry utilizing customary system calls. The exploit reportedly combines two vulnerabilities and extra strategies concentrating on bare-metal M5 {hardware} with kernel MIE enabled.

Calif mentioned Mythos Preview helped determine the vulnerabilities and help all through exploit improvement, however added that human experience was nonetheless essential to bypass Apple’s new MIE protections.

“A part of our motivation was to check what’s attainable when the most effective fashions are paired with consultants,” the corporate wrote. “Touchdown a kernel reminiscence corruption exploit towards the most effective protections in every week is noteworthy, and says one thing sturdy about this pairing.”

Reminiscence corruption bugs are nonetheless one of the vital widespread methods attackers break into working methods and apps, as a result of they will let an attacker crash this system, steal knowledge, and even take management of it. Apple’s MIE characteristic makes use of memory-tagging know-how to make these assaults a lot tougher.

Anthropic launched the preview model of Mythos in April after inner testing and out of doors evaluations recommended the mannequin might autonomously determine and exploit software program vulnerabilities at a degree past earlier public AI fashions.

Reasonably than launch it publicly, Anthropic restricted entry to pick know-how corporations, banks, and researchers below its Mission Glasswing initiative. That very same month, it was additionally revealed that the U.S. Nationwide Safety Company was utilizing Mythos regardless of an ongoing feud between Anthropic and the Donald Trump administration.

Mozilla later mentioned Mythos recognized 271 vulnerabilities in Firefox throughout inner testing, whereas the U.Ok.’s AI Safety Institute discovered the mannequin might autonomously full subtle multi-stage cyberattack simulations.

Customers on Myriad—a prediction market platform operated by Decrypt‘s guardian firm, Dastan—don’t imagine a full launch of Claude Mythos is imminent, penciling in only a 10.5% likelihood of a public launch by June 30, as of this writing.

Calif known as the Apple M5 exploit “a glimpse of what’s coming.”

“Apple constructed MIE in a world earlier than Mythos Preview,” Calif wrote. “We’re about to find out how the most effective mitigation know-how on Earth holds up throughout the first AI bugmageddon.”