Calif Uses Mythos to Build macOS M5 Exploit

Calif, a Vietnam-based security research team, published a Substack post describing what it calls the first public macOS kernel memory corruption exploit that survives Apple's Memory Integrity Enforcement (MIE) on M5 silicon. Reporting by Yahoo, 9to5Mac, and other outlets cites Calif saying the initial bug discovery occurred on April 25, researchers joined April 27, and a working exploit existed by May 1. Calif wrote that the chain targets macOS 26 on M5 systems, starts from an unprivileged local account, and escalates to root by combining "two bugs and a handful of techniques," and that it shared findings with Apple in person.

Per Calif's write-up, the exploit chain links two distinct vulnerabilities plus additional techniques targeting bare-metal M5 hardware with kernel MIE enabled. Calif reported a short demonstration video of kernel memory corruption in action. Reporting further states that Mythos Preview, a preview release of Anthropic's Claude/Mythos family, helped identify vulnerabilities and assisted through exploit development, while Calif emphasized that human expertise was necessary to bypass Apple's protections.

9to5Mac provides background on MIE, noting Apple built it on Arm's Memory Tagging Extension (`MTE`). Quoting Apple's description as reproduced by 9to5Mac, MTE tags memory allocations with secrets and the hardware enforces tag checks so mismatched accesses cause crashes and logs, enabling developers to find memory corruption bugs.

Editorial analysis: Models like Mythos Preview are increasingly used as tooling aids in research workflows where they can accelerate enumeration, fuzzing hypotheses, and generate exploit-writing scaffolding when paired with experienced researchers. Observers have documented similar patterns where LLMs reduce the time spent on routine code synthesis and surface uncommon sequences to test, but human experts still direct the process and validate results.

Editorial analysis: The Calif report underscores two practical points for defenders. First, hardware-backed mitigations such as MIE and MTE raise the technical bar but do not eliminate memory-corruption attack surfaces; attackers can chain multiple weaknesses and use advanced tooling to find paths that bypass protections. Second, the pairing of high-capability models and expert operators can shorten prototype timelines from months to days, changing attacker economics for proof-of-concept development and exploit refinement.

Editorial analysis: Security teams and platform maintainers should watch for vendor advisories from Apple tied to Calif's disclosure, any public proof-of-concept release beyond Calif's demonstration video, and follow-up technical write-ups that disclose full exploitation primitives and mitigations. Researchers and defenders may also monitor whether other teams reproduce the chain or report similar MIE bypasses across macOS builds and M5-class hardware.

Calif authored the Substack post and provided the timeline and technical claims; Yahoo, 9to5Mac, and other outlets reported on that post. Anthropic is the developer of Mythos Preview as described in reporting, but Anthropic is not quoted in the coverage linked to Calif's write-up. Apple's definition of MTE is quoted via 9to5Mac.