Researchers Use Anthropic's Mythos AI to Discover and Exploit macOS Kernel Memory Corruption on M5 Chip
A team of researchers leveraged Anthropic's Mythos AI model to identify and exploit a kernel memory corruption vulnerability in Apple's M5 chip, showcasing the growing role of AI in offensive security.
A team of security researchers has demonstrated a new frontier in vulnerability research by using Anthropic's Mythos AI model to discover and exploit a kernel memory corruption vulnerability in Apple's M5 chip. The work, reported by Schneier on Security, highlights how large language models can accelerate the traditionally labor-intensive process of finding and weaponizing low-level system flaws.
The vulnerability, a kernel memory corruption bug in Apple's latest M5 system-on-chip, was identified through an AI-assisted approach that combined static analysis and fuzzing guided by the Mythos model. The researchers then used the same AI to generate a working exploit, bypassing Apple's built-in security protections such as Kernel Integrity Protection and Pointer Authentication Codes. This marks one of the first public demonstrations of an end-to-end AI-driven exploit chain targeting a modern CPU.
The M5 chip, introduced in late 2025, powers Apple's high-end MacBook Pro and Mac Studio models. While Apple has not yet released a patch, the researchers responsibly disclosed the vulnerability to Apple's security team. The company is expected to address the issue in a future macOS update. In the meantime, users are advised to apply any available security patches promptly and to limit exposure to untrusted code.
The use of AI in vulnerability discovery is a rapidly evolving trend. Google has attributed a surge in Chrome vulnerability discoveries to AI-driven fuzzing, and Microsoft has open-sourced tools like Clarity and RAMPART for AI red-teaming. However, this work goes a step further by using AI not just to find bugs but to generate functional exploits, raising concerns about the democratization of advanced attack capabilities.
Security experts warn that as AI models become more capable, the barrier to entry for sophisticated attacks will lower. "This demonstration shows that AI can augment human expertise in vulnerability research, potentially enabling less skilled attackers to achieve results previously reserved for elite researchers," said one analyst. The research underscores the need for defensive AI tools and more robust hardware security features to counter AI-augmented threats.
Apple has not commented publicly on the report. The researchers have not released technical details or proof-of-concept code, but their work is expected to be presented at a future security conference. The incident adds to a growing body of evidence that AI is becoming a double-edged sword in cybersecurity, offering both powerful defensive capabilities and new offensive possibilities.