AI helped researchers bypass Apple M5 defenses
Apple devices have earned a reputation for being tough to break into. That comes from Apple's tight control over the hardware, software and many of the protections standing between you and an attacker. However, a new claim from security startup Calif shows how quickly the cybersecurity world may be changing.
Calif says a small team of researchers used a preview version of Anthropic's Claude Mythos to help build a working macOS kernel exploit against Apple's new M5 chip protections in less than a week. A kernel exploit targets the core part of an operating system, which controls how your device runs and what apps can access.
The company says the exploit survived Apple's Memory Integrity Enforcement, or MIE, a security feature designed to make memory-based attacks much harder on newer chips. The bigger concern is speed. Artificial intelligence may help skilled researchers find serious software flaws faster than ever before, which means scammers and cybercriminals could eventually use similar tools to find weak spots before companies have time to patch them.
CHINESE HACKERS TURNED AI TOOLS INTO AN AUTOMATED ATTACK MACHINE
Your phone holds your email, passwords, photos, banking apps and personal data. In this free, live online class, Kurt the CyberGuy will walk you step by step through simple phone security fixes you can do in real time. You’ll learn how to improve your privacy settings, spot the latest phone scams, use trusted security tools and walk away with a simple checklist to stay protected. Register here: CyberGuyLive.com.
Calif says its researchers built what it describes as the first public macOS kernel memory corruption exploit on M5 silicon with MIE enabled. The company says the attack targets macOS 26.4.1 on Apple M5 hardware.
It begins with a regular local user account and ends with root access. Root access gives someone the highest level of control on a Mac. That could let an attacker change system settings, reach sensitive files or run commands with powerful permissions.
That sounds alarming, but it needs context. Calif described this as a local privilege escalation chain. In everyday terms, an attacker would already need some way to get code running on the Mac first. This type of attack would more likely follow another step, such as a malicious download or compromised installer. Once bad code gets that first foothold, a privilege escalation bug can help it dig much deeper.
SHAMOS MALWARE TRICKS MAC USERS WITH FAKE FIXES
Memory corruption bugs have been a favorite target for attackers for years. These flaws can let attackers crash software, steal data or take over parts of a system.
Apple's Memory Integrity Enforcement was designed to make that type of attack far more difficult. Apple says MIE uses hardware-assisted memory safety protections on A19 and M5 processors or later. In simpler terms, MIE helps the chip and operating system check whether software touches memory in suspicious ways. That makes many older attack tricks harder to pull off.
That is why Calif's claim warrants attention. The researchers say they found a way around those protections with help from Mythos Preview. That suggests AI could speed up the hunt for flaws, even in systems with advanced built-in defenses.
AI CYBERSECURITY RISKS AND DEEPFAKE SCAMS ON THE RISE
Calif says Mythos Preview helped identify the bugs and assisted throughout exploit development. The company also made clear that human expertise still mattered.
According to Calif, Mythos found the bugs quickly because they belonged to known bug classes. However, bypassing Apple's new protection required experienced researchers.
Think of it this way: AI helped point the researchers toward weak spots. People still had to understand how to turn those findings into a working exploit. That makes the story more concerning because AI may help skilled teams move much faster.
FORMER GOOGLE CEO WARNS AI SYSTEMS CAN BE HACKED TO BECOME EXTREMELY DANGEROUS WEAPONS
Mozilla has already seen similar potential. The organization said an early version of Claude Mythos Preview helped identify 271 vulnerabilities fixed in Firefox 150. Mozilla said those findings came during an evaluation of the model's ability to help with security work.
So the bigger story goes beyond Apple. Advanced AI tools may give security researchers more speed. Those same tools could eventually help attackers search for software flaws faster, too.
Most people do not think about kernel exploits when they open up their laptops. They think about email, work and family photos. That is exactly why this story hits closer to home than it may seem.
If researchers can find high-impact bugs faster with AI, attackers may eventually try to do the same. The unsettling part is the speed. A flaw that once took months to discover might surface much sooner when AI helps scan code and suggest attack paths.
Calif called its work "a glimpse of what is coming." That may sound dramatic, but the warning is easy to understand. Cybersecurity teams may need AI to defend systems as quickly as attackers use AI to search for weak spots.
MAC MALWARE MAYHEM AS 100 MILLION APPLE USERS AT RISK OF HAVING PERSONAL DATA STOLEN
This does not mean your Mac has suddenly become unsafe. Apple's security model remains one of the strongest in consumer tech. It also does not mean MIE failed as a protection. No security feature blocks every attack forever.
DON'T IGNORE APPLE'S URGENT SECURITY UPDATE
However, updates now matter more than ever. Calif says it shared its findings with Apple and plans to release full technical details after Apple ships a fix. That is how responsible disclosure should work. Researchers report the issue first, the company investigates it, and users get a patch before attackers get a roadmap.
We reached out to Apple for comment, but did not hear back before our deadline.
That brings us to this: what you can do now to lower your risk.
10 SIMPLE CYBERSECURITY RESOLUTIONS FOR A SAFER 2026
You do not need to become a cybersecurity expert to lower your risk. A few smart habits can make it much harder for attackers to get the access they need.
Start with software updates. On your Mac, go to Apple menu > System Settings > General > Software Update. Install any available macOS updates. Also, turn on automatic updates where possible. This helps your Mac get important security fixes without waiting for you to remember.
Be careful with apps from links, pop-ups or unfamiliar websites. If an attacker needs code running on your Mac first, a fake app can become the front door. Download apps from the Mac App Store or directly from trusted developers. Also, pause before opening installers sent through email or social media links. Strong antivirus software can add another layer of protection by helping detect malicious downloads, suspicious links and scam websites before they put your Mac at risk. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.
Review which apps have access to sensitive parts of your Mac. Go to Apple menu > System Settings > Privacy & Security and check permissions for areas such as Accessibility, Camera, Microphone and Screen Recording. Remove access for apps you do not recognize or no longer use. These permissions can give apps powerful reach across your device.
Turn on two-factor authentication (2FA) for your Apple Account. This adds another layer of protection if someone steals or guesses your password. Also, use a strong, unique password. Do not reuse the same password you use for email or banking. A password manager can help create and store unique passwords for each account, so you do not have to remember them all yourself. Check out the best expert-reviewed password managers of 2026 at CyberGuy.com.
Your browser is one of the most common places where attacks begin. Keep Safari, Chrome, Firefox or any other browser updated. Then, review your browser extensions. Remove anything you do not use or do not recognize. A shady extension can track your activity, inject ads or collect sensitive data.
Safari: Open Safari > Settings > Extensions. Uncheck any extension you do not recognize or select it and click Uninstall. Safari extensions update automatically with their apps.
Chrome: Open Chrome > three dots > Help > About Google Chrome to check for updates. To review extensions, go to Chrome > three dots > Extensions > Manage Extensions. Remove anything suspicious or unnecessary.
Firefox: Open Firefox > Firefox menu > About Firefox to check for updates. To review add-ons, go to Firefox > Add-ons and themes > Extensions. Remove anything you do not recognize. Firefox recommends keeping add-ons set to update automatically.
Scammers love fake pop-ups that claim your Mac has a virus. These alerts often push you to download software or call a fake support number. Do not click the warning or call the number on the screen. Close the tab or quit the browser. If you feel unsure, restart your Mac and check for updates through System Settings.
Use Time Machine or another trusted backup method. A recent backup can help you recover if malware damages files or locks you out. Keep at least one backup separate from your Mac. That way, a device problem does not take your backup down with it.
Many people leave their Macs running for weeks. A restart can help clear temporary processes and apply pending updates. A restart will not solve every security problem, but it can help your Mac finish updates and clear out processes that no longer need to run.
FBI WARNS OVER 1 MILLION ANDROID DEVICES HIJACKED BY MALWARE
Apple built serious protections into its newest chips, and that still matters. But Calif's claim shows that even the strongest consumer security systems now face a new kind of pressure. AI is starting to change the speed of vulnerability research. For you, the lesson is this. Keep your Mac updated. Be careful what you install. Review the apps that have deep access to your system. The age of "set it and forget it" security is fading fast. Your device may be smart, but the tools looking for its weak spots are getting smarter too.
If AI can help a small team challenge Apple's newest defenses in days, should companies be required to disclose how they are using AI to find and fix security flaws before attackers do? Let us know by writing to us at CyberGuy.com.
Sign up for my FREE CyberGuy Report
Copyright 2026 CyberGuy.com. All rights reserved.