Calif — Researchers Bypass macOS Memory Integrity Enforcement Using Mythos AI
AI relevance: A security firm used Anthropic's Mythos AI to build a macOS Memory Integrity Enforcement bypass in just five days — demonstrating that frontier models are now practical tools for developing exploits against the hardest OS-level defenses.
Details
- Researchers at Calif (a Palo Alto-based security firm) combined two separate bugs with multiple evasion techniques to corrupt macOS memory and gain access to highly restricted areas of the operating system.
- The exploit functions as a privilege escalation chain — a malicious actor could potentially seize full control of a computer if they combine these vulnerabilities with other initial attack vectors.
- The bypass targets Memory Integrity Enforcement (MIE), a defense system Apple spent five years engineering into its custom silicon and software stack to prevent memory corruption exploits without performance impact.
- Calif CEO Thai Duong reported that building the exploit code took just five days using Anthropic's Claude, though the effort still required significant human expertise to orchestrate.
- Former Google security researcher Michał Zalewski (lcamtuf) reviewed Calif's work and confirmed the technique is significant precisely because macOS is widely considered one of the toughest targets for hackers.
- Zalewski noted that while some hype around Mythos may be overblown, the model is "absolutely possible to use for meaningful vulnerability research and code auditing."
- Calif delivered a 55-page technical report in person to Apple's Cupertino headquarters; Apple confirmed it is actively reviewing the findings.
- Calif plans to withhold technical specifics of the attack chain until Apple releases patches for the underlying vulnerabilities.
- Duong noted that while Mythos excels at reproducing previously documented intrusion techniques and auditing code, the AI has not yet demonstrated the ability to invent entirely new exploitation methods on its own.
Why It Matters
- MIE was Apple's crown-jewel defense against memory corruption — bypassing it with AI assistance in five days signals a fundamental shift in the attacker/defender time asymmetry.
- The human-in-the-loop requirement means this isn't autonomous AI exploitation yet, but the five-day timeline compresses what previously required weeks or months of specialized research.
- Apple has joined Project Glasswing to deploy Mythos defensively across its infrastructure, creating a dynamic where the same model that helps Apple harden macOS can also be used (by authorized partners) to attack it.
- The finding adds to a growing pattern: AI-assisted vulnerability discovery is outpacing the ability of vendors to patch, with the White House reportedly considering an executive order to govern the most sophisticated AI models.
What to Do
- macOS security teams should treat MIE bypass techniques as credible near-term threats and, once Calif releases the technical specifics it is withholding until Apple patches, evaluate whether their endpoint detection can identify the memory corruption patterns described in that research.
- Organizations using AI-assisted code auditing should ensure findings are validated by human reviewers — the Calif case shows AI can accelerate exploit development when guided by expert researchers.
- Monitor Apple's security advisories for patches related to MIE and the two underlying bugs identified by Calif.