A team of researchers used AI to compromise MacOS in an attack that defeats Apple’s most powerful hardware security system, which previously blocked all other known attacks.<\/p>\n\n\n\n
Many security experts consider Apple devices the world’s most secure consumer platform, but the researchers used Mythos, Anthropic’s most powerful generative model, to crack MacOS.<\/p>\n\n\n\n
According to researchers at security company Calif, the hack began at an unprivileged local user level and ended with full administrative access to the operating system.<\/p>\n\n\n\n
“We’ve been on a fun journey exploring how AI can help build exploits that still work under MTE,” researchers said in a blog post detailing the hack.<\/p>\n\n\n\n
MTE is ARM’s Memory Tagging Extension, the core of Apple’s hardware-assisted memory-safety system, Memory Integrity Enforcement (MIE). The goal was to hack MIE.<\/p>\n\n\n\n
“It was introduced as the marquee security feature for the Apple M5 and A19, specifically designed to stop memory corruption exploits,” they said.<\/p>\n\n\n\n
Through the hardware-assisted memory safety system, which Apple punted as its mightiest security feature, the researchers were able to perform a complete hack of MacOS memory.<\/p>\n\n\n\n
They said this was the vulnerability class behind many of the most sophisticated compromises on iOS and MacOS environments.<\/p>\n\n\n\n
“Memory corruption remains the most common vulnerability class everywhere, including iOS and MacOS,” they explained.<\/p>\n\n\n\n
“In security, if you can’t fully prevent something, you mitigate it by making exploitation more expensive.”<\/p>\n\n\n\n
Apple pushed many mitigation measures directly into its hardware, making bypassing them significantly more difficult. The latest of these was MIE.<\/p>\n\n\n\n
“Apple spent five years building it. Probably billions of dollars too,” they said. MIE can disrupt every public exploit chain targeting modern iOS, including the widely reported Corona and DarkSword exploits.<\/p>\n\n\n\n
Calif said that the attack path to crack MacOS started with an accidental discovery. One of its researchers, Bruce Deng, found the bug that would be the doorway on 25 April 2026.<\/p>\n\n\n\n
Deng was joined by Bion Blazakis and Josh Maine in carrying out the exploit, and by 1 May, the team had created a working exploit.<\/p>\n\n\n\n
“The implementation path involves two vulnerabilities and several techniques, targeting bare-metal M5 hardware with kernel MIE enabled,” they said.<\/p>\n\n\n\n
![\"\"](\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2026\/03\/Dario-Amodei-Anthropic.jpg\")
The team used Mythos Preview, Anthropic’s most powerful generative AI model built for super advanced coding, which has been given to only a handful of security and tech companies worldwide.<\/p>\n\n\n\n
Anthropic previously said that Mythos could easily uncover zero-day exploits in the systems of the world’s largest corporations that would be extremely difficult for humans to find.<\/p>\n\n\n\n