Apple reviews macOS exploit research after Mythos helps researchers find new attack path

Apple is reviewing a new security report after researchers said they used Anthropic’s Claude Mythos Preview to help develop a privilege escalation exploit against macOS, one of the most heavily defended consumer operating systems in the world.

The research was conducted by Calif, a Palo Alto-based security research company, which says its engineers used Mythos Preview during April testing to help identify and build an exploit chain involving two macOS bugs and several supporting techniques. The exploit reportedly corrupts Mac memory and can gain access to parts of the device that should normally be protected.

The flaw is described as a privilege escalation exploit. That means it would not necessarily give an attacker initial access to a Mac on its own, but could become highly dangerous if combined with another attack that first gets code running on the machine. In that scenario, a hacker could potentially escalate from limited access to deeper control of the system.

Calif said its engineers, working with Mythos Preview, built a working macOS kernel memory corruption exploit in five days. The company said the work targeted Apple’s newer memory protection technology, Memory Integrity Enforcement, which Apple introduced in 2025 as part of a major hardware and software effort to make memory corruption attacks harder to execute.

Apple is now reviewing the Calif report to validate its findings. The company has not yet released technical details of the bugs publicly, and Calif says it plans to publish more information once Apple has patched the underlying issues.

The discovery is significant because Apple has invested heavily in hardening macOS and Apple silicon against memory corruption, a long-running class of vulnerabilities that attackers have used for decades to break out of software restrictions, escalate privileges and compromise devices. Memory Integrity Enforcement was described by Apple as the result of a multi-year engineering effort combining hardware-assisted memory safety, operating system protections and secure allocation techniques.

Security researchers say the case does not mean Mythos autonomously invented an entirely new attack technique. Calif chief executive Thai Duong told reporters that human expertise remained essential, and that Mythos was strongest at reproducing and applying previously documented attack concepts rather than independently creating wholly novel methods.

Even so, the incident adds to growing concern that frontier AI models are accelerating vulnerability research. Tools that can help expert researchers compress complex exploit development from weeks or months into days could also intensify the pressure on vendors, maintainers and enterprise security teams to patch faster.

Anthropic’s Mythos Preview has already attracted intense attention in the cybersecurity industry. Mozilla recently said Mythos and other AI systems helped it ship 423 Firefox security fixes in April, including issues that had survived for years in the browser’s codebase.

Mozilla has argued that AI-assisted security tools could help defenders reduce the number of exploitable zero-days by finding long-hidden flaws earlier. At the same time, Anthropic has limited access to Mythos because of concern that a model capable of finding and exploiting software vulnerabilities could be misused.

The Calif research highlights both sides of that debate. In the hands of trusted researchers, AI-assisted analysis can help expose weaknesses in even highly secured systems before criminals or state-backed actors find them. But the same capability could increase the speed and sophistication of offensive hacking if released broadly or used without controls.

The timing also lands amid broader government concern about powerful AI cyber tools. Reports have indicated that US officials are reassessing how advanced models should be governed, with particular concern around systems capable of vulnerability discovery, exploit generation and large-scale cyber operations.

For Apple users, there is no public indication that the Calif-reported bugs have been exploited in the wild. The most important practical step remains the same: keep macOS and security updates current, avoid running untrusted software, and apply patches promptly when Apple releases them.

For the wider technology sector, the lesson is sharper. AI is beginning to change not only how software is built, but how it is broken. If models can help researchers find deep flaws in macOS, Firefox and other major platforms faster than traditional methods, the race between attackers and defenders is entering a more volatile phase.

As cyber threats become faster and more complex, stronger defence begins with understanding how these risks work. Knowledge is power. Upskill your cybersecurity awareness and strengthen your digital defences with The Hack Academy’s online training programme: https://training.thehackacademy.com/course/

Photo Credit: DepositPhotos.com