Anthropic’s advanced cybersecurity-focused AI model, Claude Mythos, has reportedly helped security researchers uncover what is being described as the first public macOS kernel memory corruption exploit on Apple’s M5 silicon. According to a report by The Wall Street Journal, researchers from Palo Alto-based security firm Calif used Claude Mythos Preview to identify vulnerabilities in macOS and assist with developing an exploit capable of granting an unprivileged local user complete access to a device.
The exploit allegedly involves two vulnerabilities alongside several attack techniques. While the researchers did not disclose full technical details, Calif claimed in a blog post that Anthropic’s AI model was able to quickly recognise the bugs because they belonged to known vulnerability classes. “Mythos Preview is powerful: once it has learned how to attack a class of problems, it generalises to nearly any problem in that class,” they wrote.
Despite the AI’s involvement, Calif stressed that human expertise still played a major role in designing and refining the exploit chain. Nonetheless, the findings further highlight how increasingly capable AI systems can accelerate vulnerability research and potentially uncover attack paths that may have otherwise gone unnoticed. The firm added that they had met with Apple at Apple Park earlier this week to discuss the issue.
Calif said it is withholding full technical details until Apple patches the vulnerabilities and closes the exploit path. That said, MacRumors noted that the release notes for macOS Tahoe 26.5, released earlier this week, referenced fixes submitted by the cybersecurity firm in collaboration with Claude and Anthropic Research. Calif was also credited in two additional vulnerability reports tied to the update.
Apple itself has acknowledged the research findings in a comment to The Wall Street Journal. “Security is our top priority, and we take reports of potential vulnerabilities very seriously,” a representative said.
Claude Mythos itself is not publicly available. Anthropic currently limits access to select partners and organisations through its Project Glasswing cybersecurity initiative. Participants include major firms such as Amazon Web Services, Cisco, CrowdStrike, Google, Microsoft, NVIDIA, Linux Foundation, and even Apple.
Interestingly, the news also follows a recent disclosure involving AI-assisted cyberattacks. Earlier this month, Google revealed that it successfully blocked what it described as the first known AI-assisted zero-day cyberattack attempt, with the attacker reportedly using AI tools to aid exploit development and vulnerability research. Meanwhile, Mozilla also revealed that it managed to identify and patch 271 vulnerabilities in the latest version of its Firefox browser with help from Mythos.
