Researchers use Claude Mythos Preview to hack macOS - Techzine Global

Within five days, researchers at CalIF were able to crack macOS. A memory corruption on Apple’s M5 not only proves that this chip can also be exploited. Anthropic’s Claude Mythos Preview model proved to be a key AI assistant.

Although the Calif researchers cannot yet share all the details because the patch is still pending, the message has already reached Apple loud and clear. They visited the headquarters in Cupertino to discuss the exploit with the company. The successful attack bypasses Memory Integrity Enforcement (MIE), which Apple presented last September as the result of a five-year initiative to eradicate memory errors. The foundation already seemed strong, with the proud announcement at that same time that there had never been a widespread malware attack against iPhones.

MIE exploit

MIE is Apple’s hardware layer based on ARM’s MTE (Memory Tagging Extension), which has been making C and C++ code more secure since 2019. The attack is a data-only kernel privilege escalation chain on macOS 26.4.1. It starts from a regular local user and ends with a root shell. It exploits two vulnerabilities and uses only standard system calls. Bruce Dang discovered the bugs on April 25, Dion Blazakis joined the team on April 27, and Josh Maine built the necessary tooling. By May 1, a working exploit was available. This was largely thanks to the non-human team member.

Mythos Preview identified the vulnerabilities quickly. This was partly possible because they belong to known categories of bugs. Bypassing MIE, however, was new territory. Human expertise remained necessary to take that step, the Calif team explains. The full 55-page report will follow as soon as Apple releases a patch. Apple told The Wall Street Journal: “Security is our top priority, and we take reports of potential vulnerabilities very seriously.”

Mythos deployed defensively via Project Glasswing

Anthropic launched Project Glasswing in April with the goal of using AI to, ultimately, prevent AI attacks. Mythos Preview is the model that participants are allowed to use. It is plausible that cyberattackers will have similar AI tools at their disposal in the future, which is why Anthropic deemed it necessary to give defenders a head start. In addition to Apple, participants include AWS, Cisco, CrowdStrike, Google, JPMorgan Chase, Microsoft, NVIDIA, and Palo Alto Networks. Additionally, Mozilla previously used Mythos to identify and fix 271 vulnerabilities in Firefox.

Mythos Preview remains deliberately limited in availability for logical reasons. Anthropic considers the model too risky for a broad release. It can detect vulnerabilities resembling known types of bugs so quickly that previously unknown weaknesses may come to light. The Dutch government has already warned of the risks of the Mythos model. Meanwhile, Microsoft is integrating Mythos into its Security Development Lifecycle to detect vulnerabilities early in the development process.

OpenAI Responds with Daybreak

A few days ago, OpenAI introduced its own cybersecurity initiative: Daybreak. It uses multiple AI models, including the specialized security agent Codex. Daybreak is based on the premise that cybersecurity must be built into software from the start, rather than merely focusing on detecting and fixing vulnerabilities after the fact. OpenAI also uses the LLM GPT-5.5-Cyber, a direct counterpart to Mythos, and likewise intended for a limited group of trusted security researchers.