Security researchers use Anthropic's Mythos Preview to bypass Apple's M5 memory protection in 5 days

TL;DR

Security researchers at Calif used Anthropic's Mythos Preview model to develop a working macOS kernel memory corruption exploit on M5 silicon in five days, bypassing Apple's Memory Integrity Enforcement (MIE) system. The exploit chain targets macOS 26.4.1 and escalates from unprivileged local user to root shell using two vulnerabilities and several techniques.

Security researchers at Calif have used Anthropic's Mythos Preview model to develop a working macOS kernel memory corruption exploit on M5 silicon in five days, bypassing Apple's five-year security effort.

The exploit chain targets macOS 26.4.1 (25E253) and escalates privileges from an unprivileged local user to a root shell using only normal system calls. The implementation path involves two vulnerabilities and several techniques, targeting bare-metal M5 hardware with kernel Memory Integrity Enforcement (MIE) enabled.

Background on Apple's MIE

Apple introduced Memory Integrity Enforcement (MIE) in 2025 as a hardware-assisted memory safety system built on Arm's Memory Tagging Extension (MTE) specification from 2019. MTE works as a memory tagging and tag-checking system where every memory allocation is tagged with a secret, and hardware only grants access requests if they contain the correct secret.
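The tag-and-check behaviour described above can be modelled in software. The following is an added illustration, not code from Calif, Apple or Arm: a toy allocator that mimics MTE's 4-bit tag per 16-byte granule. All function names, the heap size and the bump allocator are assumptions made for the example, and real hardware raises a fault rather than returning an error code.

```c
#include <stdint.h>
#include <stdlib.h>

#define GRANULE   16   /* MTE assigns one tag per 16-byte granule */
#define HEAP_SIZE 256  /* size of the simulated heap (assumption) */
#define TAG_SHIFT 56   /* MTE carries the 4-bit tag in pointer bits 59:56 */

typedef uint64_t tptr;                     /* simulated pointer: tag | heap offset */
static uint8_t heap[HEAP_SIZE];
static uint8_t tags[HEAP_SIZE / GRANULE];  /* tag storage; 0 means never allocated */
static size_t next_off;                    /* bump-allocator cursor */

/* Pick a non-zero 4-bit tag different from `old`. */
static uint8_t new_tag(uint8_t old) {
    uint8_t t;
    do { t = (uint8_t)(rand() & 0xF); } while (t == 0 || t == old);
    return t;
}

/* Allocate n bytes: tag every granule and place the same tag in the pointer. */
tptr tagged_alloc(size_t n) {
    size_t off = next_off, len = (n + GRANULE - 1) / GRANULE * GRANULE;
    if (off + len > HEAP_SIZE) return 0;
    /* Differ from the preceding granule so a linear overflow mismatches. */
    uint8_t t = new_tag(off ? tags[off / GRANULE - 1] : 0);
    for (size_t g = off / GRANULE; g < (off + len) / GRANULE; g++)
        tags[g] = t;
    next_off += len;
    return ((tptr)t << TAG_SHIFT) | off;
}

/* Free: retag the granules so pointers still holding the old tag stop matching. */
void tagged_free(tptr p, size_t n) {
    size_t off = p & 0xFFFFFFFF, len = (n + GRANULE - 1) / GRANULE * GRANULE;
    for (size_t g = off / GRANULE; g < (off + len) / GRANULE; g++)
        tags[g] = new_tag(tags[g]);
}

/* Checked store: 0 on success, -1 where hardware would raise a tag-check fault. */
int checked_store(tptr p, size_t idx, uint8_t v) {
    size_t off = (p & 0xFFFFFFFF) + idx;
    uint8_t ptag = (p >> TAG_SHIFT) & 0xF;
    if (ptag == 0 || off >= HEAP_SIZE || tags[off / GRANULE] != ptag) return -1;
    heap[off] = v;
    return 0;
}
```

Because tags cover whole granules, a write that stays inside the last granule of an allocation still passes the check even when it is past the requested size; only crossing into a differently tagged granule is caught.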

Apple developed MIE after determining MTE wasn't robust enough under certain circumstances. The company initially built it into all iPhone 17 and iPhone Air models, and recently brought it to MacBooks with the M5 chip. According to Apple's research, MIE disrupts every public exploit chain against modern iOS, including the recently leaked Coruna and Darksword exploit kits.

The exploit timeline

According to Calif, the discovery was accidental:

  • April 25: Bruce Dang found the bugs
  • April 27: Dion Blazakis joined Calif
  • May 1: Josh Maine completed tooling and the team had a working exploit

The entire process took five days from initial bug discovery to working exploit.

Mythos Preview's role

The Calif team describes Mythos Preview as "powerful" in their technical writeup: "Once it has learned how to attack a class of problems, it generalizes to nearly any problem in that class."

According to the team, Mythos discovered the bugs quickly because they belong to known bug classes. However, autonomously bypassing MIE proved trickier, requiring human expertise. The researchers tested what's possible when leading AI models are paired with security experts.

Mythos Preview assisted throughout the collaborative exploit development process, from identifying the bugs to helping build the attack chain.

Apple's response

Calif has produced a 55-page technical report on the exploit but will not release it until Apple ships a fix. The team visited Apple Park to share their vulnerability research report directly with Apple's security team.

What this means

The exploit demonstrates that advanced AI models can significantly accelerate security research, compressing work that might have taken months into days when paired with expert researchers. The Calif team notes that Apple's MIE and most security mitigations currently in use were "built in a world before Mythos Preview."

The researchers warn that small teams with AI assistance can now make rapid security discoveries, suggesting the industry is entering what they call "the first AI bugmageddon." The case raises questions about whether existing security mitigations can withstand AI-assisted vulnerability research.

The exploit specifically targets the M5 chip's MIE implementation on macOS, suggesting Apple's security measures face new challenges in the AI era. However, the responsible disclosure approach—withholding technical details until a patch is available—follows standard security research practices.
