A security startup named Calif claims to have developed the first public macOS kernel memory corruption exploit capable of bypassing Apple's new Memory Integrity Enforcement (MIE) protections on M5 hardware. The exploit targets macOS 26 on Apple M5 systems, escalating from an unprivileged local user to root access via standard system calls. Calif says the vulnerabilities were discovered accidentally on April 25, and a working exploit was developed by May 1, with assistance from a preview version of Anthropic's Claude Mythos AI model. The company reported the findings to Apple in a personal meeting at Apple's headquarters. Apple has not yet commented. Mythos Preview, released in April to select organizations under Project Glasswing, has shown capabilities in autonomous vulnerability discovery and exploitation. Calif's achievement highlights the potential of combining advanced AI with human expertise to bypass even the strongest hardware security measures. Mozilla previously reported that Mythos identified 271 vulnerabilities in Firefox, and the UK's AI Security Institute found it could autonomously complete sophisticated cyberattack simulations. Calif describes this exploit as a glimpse of the future, noting that Apple built MIE in a world before such powerful AI tools existed. The company suggests that this demonstration shows how AI can accelerate the discovery of critical security flaws, potentially outpacing traditional defense mechanisms.

Key facts

• Calif claims first public exploit bypassing Apple M5's Memory Integrity Enforcement (MIE).
• Exploit uses two vulnerabilities, discovered April 25, working by May 1.
• Assisted by Anthropic's Claude Mythos Preview AI model.
• Reported to Apple in person at Cupertino headquarters.
• Mythos also found 271 Firefox bugs and can simulate multi-stage attacks.

KeyAudit data perspective