Only five days! Anthropic's confidential Mythos model breaks through Apple's five-year M5 memory defense

AIMPACT News, May 16 (UTC+8). According to Dongcha Beating Monitoring, the security research team Calif announced that they used the Mythos Preview model, which has not yet been publicly released by Anthropic, to successfully build the first publicly available macOS kernel memory corruption exploit chain on Mac devices running on M5 chips. MIE (Memory Integrity Enforcement) is Apple’s flagship hardware security mechanism built for the M5 and A19 chips. Apple invested five years and tens of billions of dollars in it. The mechanism was not originally designed to be absolutely immune to hackers, but rather to mitigate memory corruption vulnerabilities by greatly increasing the cost of exploitation. From identifying the flaw to completing the exploit, the Calif team took only five days.

This attack chain includes two vulnerabilities and multiple techniques. Starting from an unprivileged local ordinary user, it relies solely on standard system calls, ultimately obtaining root privileges on the device. This exploit chain is a purely data-driven kernel local privilege escalation that directly targets macOS 26.4.1 bare-metal real hardware with the kernel MIE mechanism enabled.

The Mythos model is good at quickly generalizing from learning a specific type of attack to similar problems. It helped the team rapidly locate flaws belonging to a known vulnerability class; then, later, human experts overcame new hardware defenses. This breach-proofing validated the highly efficient combination of “AI discovering vulnerabilities + experts bypassing defenses,” and also proved that with the assistance of top large models, a small security team can challenge the technical barriers that large companies have built at great expense.

(Source: BlockBeats)