Claude Mythos Aids ‘White Hat’ Hackers in Breaching macOS

Researchers bypassed Apple's MIE in macOS using Claude Mythos AI.

Cybersecurity researchers from Calif, utilizing the much-discussed AI model Claude Mythos, managed to bypass Apple’s Memory Integrity Enforcement (MIE) protection mechanism in macOS.

In April, the company discovered two vulnerabilities in macOS and linked them into an attack chain. This allowed a regular local user to gain root access—the highest privileges in the system.

The breach was tested on an actual device with an M5 chip, where MIE protection was enabled.

Experts have informed Apple of the issue and plan to publish technical details once it is resolved.

In their view, Mythos could not have executed the attack alone without human assistance. It can replicate already described methods but not invent new ones.

Apple’s Security

Errors related to improper memory operation remain the most common type of vulnerabilities almost everywhere, including iOS and macOS. In cybersecurity, there is a simple principle: if a problem cannot be completely prevented, one must accept the risk and attempt to mitigate it. One option is to make the attack much more complex and costly for the attacker.

Such protective measures are not cheap. Calif emphasized that Apple acts wisely and controls the entire system—from hardware to software. Therefore, the company has integrated many protective mechanisms directly into the chips, making them very difficult to bypass. Many security experts consider Apple devices the most secure mass-market platform for regular users.

The latest example is MIE. This is Apple’s memory protection system, which operates using the chip’s hardware capabilities. It was introduced as one of the main security features in Apple M5 and A19. It is specifically designed to stop attacks based on memory operation errors.

Apple developed the system over five years. MIE disrupts all publicly known attack chains against modern versions of iOS, including the recently leaked Coruna and Darksword toolsets.

Calif explored how AI can assist in creating attacks that still work even with such memory protection.

The path to breaching macOS was discovered accidentally. Bruce Dang found the errors on April 25. Josh Main created the necessary tools, and by May 1, a working version was ready.

“This experiment shows what might await us next. Apple developed MIE in a world where Mythos Preview did not yet exist. Now we will see how the world’s best protection technology withstands the first major wave of vulnerabilities found with AI,” the experts concluded.

Back in April, Anthropic declined to release Mythos publicly due to high security risks.