Apple Mac M5 System Exploited With Anthropic's Claude Mythos AI, Researchers Claim

Security researchers have demonstrated a macOS kernel exploit built with assistance from Anthropic's Claude Mythos AI model, according to findings from security startup Calif. The researchers leveraged a preview version of the advanced language model to help develop the attack against Apple's Mac M-series architecture.

The exploit targets the macOS kernel, the core of Apple's operating system. Claude Mythos, Anthropic's latest AI model, apparently provided sufficient technical guidance to enable researchers to craft kernel-level code execution. This marks a notable example of frontier AI models being used to identify and develop system vulnerabilities.

Calif, the security firm reporting the research, highlighted the incident as evidence that cutting-edge AI systems like Claude can assist in discovering zero-day exploits and building attack tools. The development underscores growing concerns within the cybersecurity community about AI-assisted vulnerability research.

Apple's M-series chips power modern MacBooks and represent a significant departure from Intel architecture. Kernel exploits targeting these systems carry severe consequences, potentially allowing attackers to bypass security controls and gain complete system access. The ability to weaponize such exploits remains particularly concerning given the high-value targets using Mac systems, especially in creative industries and among developers.

Anthropic has positioned Claude as a responsible AI system with built-in safety measures. However, this incident demonstrates that even AI systems designed with security constraints can be leveraged for offensive security research. The company has not yet publicly commented on the specific exploit or whether this represents a failure of its safety protocols.

The timing coincides with broader industry discussion about dual-use AI capabilities. As language models grow more sophisticated, the gap between their ability to assist legitimate security research and their potential for misuse continues narrowing. Security researchers face ongoing pressure to responsibly disclose vulnerabilities while preventing malicious actors from exploiting the same AI tools.

The incident suggests Apple may need to review its vulnerability handling processes for kernel-level exploits discovered through AI assistance, setting precedent for how tech companies respond to AI-enabled security research.