Kernel exploits typically take months or years. This one took five days.
In the long contest between those who build walls and those who find ways through them, a new kind of tool has shifted the balance. A team of security researchers, working with Anthropic's Mythos AI, produced a working kernel exploit for Apple's M5 chip in five days — a task that once demanded months or years of specialized effort. The breach bypasses Memory Integrity Enforcement, one of Apple's most carefully engineered defenses, and raises a question that will not quietly go away: when artificial intelligence can compress the timeline for breaking into the deepest layers of a system, what does security even mean anymore?
- A working exploit for Apple's M5 kernel — something with no prior public precedent — was built in under a week, shattering assumptions about how long such attacks take to develop.
- Memory Integrity Enforcement, Apple's purpose-built shield against exactly this kind of attack, was bypassed, exposing root-level access on affected macOS systems and undermining years of security engineering.
- The security community is now confronting an uncomfortable question: if a research team with preview access to Mythos could do this in five days, what becomes possible when similar tools reach adversaries with no ethical guardrails?
- Researchers withheld technical specifics to give Apple time to patch, but the company faces mounting pressure to move fast — the M5 architecture itself is implicated, meaning any fix must be surgically precise.
- Anthropic now faces scrutiny over whether Mythos's safeguards are adequate, as the tool demonstrated genuine offensive capability even in the hands of researchers simply asking the right questions.
A security research team has done something with no prior public precedent: they built a working exploit for Apple's M5 kernel in five days, using Anthropic's Mythos AI to guide the process. The exploit defeats Memory Integrity Enforcement — a core protection Apple engineered specifically to block unauthorized modifications to critical kernel structures — and delivers root-level access to affected macOS systems.
What unsettled the security community most was the speed. Kernel exploits typically demand months or years of painstaking work. Mythos compressed that timeline dramatically, helping researchers identify the vulnerability, understand its mechanics, and assemble a proof of concept in less than a week. The tool was designed for complex technical problem-solving, and in this case it proved capable of offensive security work at a level few anticipated.
The researchers chose not to publish technical details, giving Apple time to develop a patch before the full attack surface becomes public. That patch will not be simple — the vulnerability is embedded in the M5 architecture itself, meaning any fix must close the hole without degrading performance or breaking existing software. Apple has not yet commented publicly, but its security team is almost certainly already at work.
The episode also puts Anthropic in an uncomfortable position. Mythos was built with safeguards meant to prevent harmful use, yet it demonstrated real offensive capability when researchers knew how to frame their questions. Whether those safeguards are sufficient — and whether releasing such tools even in preview form creates risks that outweigh the benefits — will now be a matter of serious scrutiny.
For Apple, this is a moment of public exposure for a brand built on the promise of security by design. Whether it becomes a turning point for macOS defenses, or simply another entry in a long ledger of vulnerabilities, depends on how quickly the company can respond — and on how the broader industry reckons with the reality that AI can now meaningfully accelerate the search for critical flaws.
A team of security researchers accomplished something that had not been done before in the public record: they developed a working exploit for Apple's M5 kernel in five days, using Anthropic's Mythos AI system to guide them through the process. The exploit bypasses Memory Integrity Enforcement, one of the core security mechanisms Apple built into its latest generation of chips, and grants root-level access to affected macOS systems.
The speed of the discovery is what caught the attention of the security community. Kernel exploits—code that breaks through the deepest layer of a computer's operating system—typically take months or years to develop, if they emerge at all. The researchers were able to compress that timeline dramatically by using Mythos, an AI system designed to assist with complex technical problem-solving. The system helped them identify the vulnerability, understand its mechanics, and construct a working proof of concept in less than a week.
Memory Integrity Enforcement is not a minor feature. Apple designed it specifically to prevent the kind of attack the researchers executed. The system monitors memory access patterns and blocks unauthorized modifications to critical kernel data structures. It represents years of engineering effort aimed at making macOS a harder target. That Mythos could help researchers find a way around it raises immediate questions about whether current defenses are sufficient against AI-assisted attackers.
The implications ripple outward quickly. If a research team with access to a preview version of Mythos could crack this in five days, what happens when the tool becomes more widely available? What happens when adversaries with fewer ethical constraints get their hands on similar technology? The researchers did not disclose the specific technical details of the exploit, a responsible choice that gives Apple time to patch before the full attack surface becomes public knowledge.
Apple has not yet issued a statement about the discovery, but the company's security team is almost certainly already working on a fix. The vulnerability exists in the M5 architecture itself, which means any patch will need to be carefully engineered to close the hole without degrading performance or breaking existing software. The company faces pressure to move quickly—the longer the exploit remains unpatched, the longer the window stays open for malicious actors to weaponize it.
The discovery also forces a reckoning with how the technology industry thinks about AI safety in security contexts. Anthropic built Mythos with safeguards intended to prevent it from being used for harmful purposes, yet here it is, demonstrating genuine offensive capability in the hands of researchers who knew how to ask the right questions. The company will likely face scrutiny about whether those safeguards are adequate, and whether releasing such tools—even in preview form—creates risks that outweigh the benefits of accelerated security research.
For Apple, this is a moment of exposure. The company has long marketed its chips as secure by design, and the M5 represented the latest iteration of that promise. Now there is public proof that the promise has limits. Whether this becomes a watershed moment for macOS security, or simply another vulnerability in a long line of them, depends largely on how quickly Apple can patch and how the broader industry responds to the demonstration that AI can compress the timeline for finding critical flaws.
Citas Notables
Kernel exploits typically take months or years to develop; this one was completed in less than a week— Security research community assessment
La Conversación del Hearth Otra perspectiva de la historia
Five days seems impossibly fast for a kernel exploit. What made this different?
Mythos could map the entire attack surface at once. Instead of researchers spending weeks just understanding the memory layout and security boundaries, the AI synthesized that knowledge and pointed them toward the weak points.
So it's not that Mythos wrote the exploit itself?
Not exactly. It guided the thinking. It helped them ask better questions, test hypotheses faster, iterate on failed approaches. It compressed the research cycle from months to days.
Memory Integrity Enforcement sounds like it should have stopped this. Why didn't it?
Because there was a gap in how the enforcement mechanism validated certain memory operations. Once you know the gap exists, you can exploit it. Mythos helped them find the gap.
Does Apple know about this yet?
They know now. The researchers disclosed it responsibly before going public. Apple's security team is working on a patch, but the architecture itself may need rethinking.
What worries you most about this?
That this is the first public one. If researchers with ethical constraints can do this in five days, what's the timeline for someone without those constraints?