A small team of researchers claims to have exploited Apple’s M5 chip defenses in less than a week using AI, highlighting a significant shift in vulnerability discovery speed.
A small team of researchers has reportedly leveraged artificial intelligence to bypass the defenses of Apple’s latest M5 chip, indicating a rapid evolution in the cybersecurity landscape. The security startup Calif announced that its researchers utilized a preview version of Anthropic’s Claude Mythos to develop a working macOS kernel exploit against the M5 chip’s protections in under a week.
Apple devices are widely regarded for their robust security, attributed to the company’s stringent control over both hardware and software. However, the recent claims from Calif suggest that the speed at which vulnerabilities can be identified is changing dramatically. The exploit reportedly survived Apple’s Memory Integrity Enforcement (MIE), a security feature designed to thwart memory-based attacks on newer chipsets.
The implications of this discovery are concerning. With AI potentially enabling skilled researchers to uncover significant software flaws more quickly than ever, there is a risk that cybercriminals could also employ similar tools to identify vulnerabilities before companies have the chance to address them.
Calif asserts that it has developed what it describes as the first public macOS kernel memory corruption exploit on M5 silicon with MIE enabled. The exploit targets macOS version 26.4.1 running on Apple M5 hardware. It begins with a standard local user account and escalates to root access, granting an attacker the highest level of control over a Mac. This level of access could allow an attacker to alter system settings, access sensitive files, or execute commands with elevated permissions.
While this may sound alarming, it is essential to understand the context. Calif characterized this as a local privilege escalation chain, meaning that an attacker would first need a method to execute code on the Mac. This type of attack is more likely to occur following another malicious action, such as a compromised download or a malicious installer. Once the initial foothold is established, a privilege escalation vulnerability can facilitate deeper access.
Memory corruption vulnerabilities have long been a favored target for attackers, as they can enable various malicious activities, including crashing software, stealing data, or taking control of system components. Apple’s MIE was specifically designed to make such attacks significantly more challenging. The feature employs hardware-assisted memory safety protections on A19 and M5 processors, helping the chip and operating system monitor software interactions with memory for suspicious behavior.
Calif’s claims warrant attention, as the researchers assert they found a way to circumvent these protections with assistance from Mythos Preview. This suggests that AI could indeed accelerate the search for vulnerabilities, even in systems equipped with advanced security measures.
According to Calif, Mythos Preview played a crucial role in identifying the vulnerabilities and supporting the exploit development process. However, the company emphasized that human expertise remained vital. Mythos was able to quickly identify the flaws because they belonged to known categories, but bypassing Apple’s new protections required the skills of experienced researchers. In essence, AI helped direct the researchers to potential weaknesses, but it was the human element that transformed those insights into a functioning exploit.
This development is not isolated to Apple. Mozilla has also recognized the potential of AI in cybersecurity, reporting that an early version of Claude Mythos Preview assisted in identifying 271 vulnerabilities that were subsequently fixed in Firefox 150. This highlights a broader trend where advanced AI tools may enhance the efficiency of security researchers, while simultaneously posing a risk of enabling attackers to discover software flaws more rapidly.
For many users, the concept of kernel exploits may seem abstract, overshadowed by everyday concerns like email and personal data. However, the implications of this research are significant. If researchers can identify critical vulnerabilities more swiftly with the aid of AI, it stands to reason that attackers may soon follow suit. The speed at which flaws that once took months to uncover can now be revealed is alarming.
Calif described its findings as “a glimpse of what is coming,” underscoring the urgency of the situation. Cybersecurity teams may need to adopt AI technologies to defend their systems as quickly as attackers utilize AI to exploit vulnerabilities. Despite these developments, it is important to note that Apple’s security model remains one of the strongest in consumer technology, and MIE has not failed as a protective measure. However, the need for timely updates has never been more critical.
Calif has communicated its findings to Apple and plans to release detailed technical information following the company’s issuance of a fix. This responsible approach to disclosure ensures that vulnerabilities are addressed before they can be exploited by malicious actors.
In light of these developments, users can take proactive steps to enhance their security. Regular software updates are essential; users should navigate to the Apple menu, select System Settings, then General, and finally Software Update to install any available macOS updates. Enabling automatic updates can also ensure that critical security fixes are applied promptly.
It is advisable to exercise caution when downloading applications, particularly from links, pop-ups, or unfamiliar websites. Malicious applications can serve as entry points for attackers, so users should download software exclusively from the Mac App Store or trusted developers. Additionally, users should be wary of installers received through email or social media links.
Implementing strong antivirus software can provide an additional layer of protection, helping to detect malicious downloads and suspicious links. Users should also review app permissions to sensitive areas of their Mac, ensuring that only recognized applications have access.
Turning on two-factor authentication for Apple accounts adds another layer of security, and using a strong, unique password is essential. Password managers can assist in generating and storing unique passwords for various accounts.
As the cybersecurity landscape evolves, users must remain vigilant. Apple’s robust security measures are still in place, but the emergence of AI-driven vulnerabilities presents new challenges. Keeping devices updated, being cautious with installations, and regularly reviewing app permissions are critical steps in maintaining security in an increasingly complex digital environment.
As AI continues to reshape the cybersecurity landscape, the question arises: should companies be required to disclose their AI usage in identifying and addressing security flaws before attackers exploit them? This ongoing conversation will be crucial as we navigate the future of digital security.
For further insights, please refer to Calif.