Apple's M5 silicon has reportedly been used for the first time in a public macOS kernel memory corruption attack, bypassing the company's much-touted hardware-level memory protections.
Researchers at Calif (Bruce Dang, Dion Blazakis and Josh Maine) built a working kernel local privilege escalation (LPE) exploit targeting macOS 26.4.1 (25E253) on bare-metal M5 hardware.
The exploit chain starts from an unprivileged local user account, uses only ordinary system calls, and yields a full root shell, all while Apple's Memory Integrity Enforcement (MIE) remains active.
The team found the two underlying vulnerabilities on April 25, teamed up two days later, and had a working exploit by May 1.
First Public macOS Kernel Exploit
Rather than going through the standard bug bounty submission channel, the researchers hand-delivered a 55-page printed report to Apple Park in Cupertino, a deliberate choice to avoid the crowded submission queues typical of events like Pwn2Own. Full technical details will be published only after Apple ships a patch.
Memory Integrity Enforcement is Apple's hardware-assisted memory safety system, built on ARM's Memory Tagging Extension (MTE).
Billed as the flagship security feature of the M5 and A19 chips, MIE took Apple five years, and reportedly billions of dollars, to develop, with the specific goal of defeating kernel memory corruption exploits.
By Apple's own assessment, MIE breaks every known public exploit chain against current iOS, including the leaked Coruna and Darksword exploit kits.
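To make the mechanism MIE builds on concrete, here is a toy model of MTE-style memory tagging. It is an added illustration written for this article, not Apple's MIE or ARM's MTE implementation; the 16-byte granule, the 4-bit tag stored in the pointer's top byte, and the bump allocator are assumptions modelled on ARM MTE. The model shows why a linear overflow into a neighbouring object or a use-after-free faults, and also the well-known caveat that an overflow staying inside one granule is not caught, which is the sense in which tagging raises the cost of exploitation rather than eliminating it.

```python
"""Toy model of MTE-style memory tagging (constructed illustration, not Apple's
MIE or ARM's MTE). Granule size, tag width and tag placement are assumptions
modelled on ARM MTE: 16-byte granules, 4-bit tags in the pointer's top byte."""
import secrets

GRANULE = 16                      # bytes covered by one memory tag (assumption)
TAG_SHIFT = 56                    # tag lives in the top byte of a 64-bit pointer (assumption)
TAG_MASK = 0xF                    # 4-bit tag (assumption)
ADDR_MASK = (1 << TAG_SHIFT) - 1
FREE_TAG = 0                      # tag reserved for unallocated/freed granules (model choice)


class TagCheckFault(Exception):
    """Raised when a pointer's tag differs from the tag of a granule it touches."""


def tag_of(ptr):
    return (ptr >> TAG_SHIFT) & TAG_MASK


def addr_of(ptr):
    return ptr & ADDR_MASK


class TaggedHeap:
    """Bump allocator where every granule carries a tag; loads and stores are tag-checked."""

    def __init__(self, size=256):
        assert size % GRANULE == 0
        self.mem = bytearray(size)
        self.tags = [FREE_TAG] * (size // GRANULE)   # memory-side tag per granule
        self.sizes = {}                              # start address -> granule count
        self.bump = 0

    def _fresh_tag(self, avoid):
        # Random tag, excluding FREE_TAG and the left neighbour's tag so that
        # adjacent allocations never share a tag (what MTE allocators aim for).
        while True:
            tag = secrets.randbelow(TAG_MASK + 1)
            if tag not in avoid:
                return tag

    def malloc(self, nbytes):
        ngran = -(-nbytes // GRANULE)              # round up to whole granules
        start = self.bump
        if start + ngran * GRANULE > len(self.mem):
            raise MemoryError("toy heap exhausted")
        self.bump = start + ngran * GRANULE
        g0 = start // GRANULE
        avoid = {FREE_TAG}
        if g0 > 0:
            avoid.add(self.tags[g0 - 1])
        tag = self._fresh_tag(avoid)
        for g in range(g0, g0 + ngran):
            self.tags[g] = tag
        self.sizes[start] = ngran
        return (tag << TAG_SHIFT) | start          # the pointer carries the tag

    def free(self, ptr):
        self._check(ptr, 1)                        # freeing through a stale tag faults too
        start = addr_of(ptr)
        g0 = start // GRANULE
        for g in range(g0, g0 + self.sizes.pop(start)):
            self.tags[g] = FREE_TAG                # retag so dangling pointers fault

    def _check(self, ptr, nbytes):
        addr = addr_of(ptr)
        first, last = addr // GRANULE, (addr + nbytes - 1) // GRANULE
        for g in range(first, last + 1):
            if g >= len(self.tags) or self.tags[g] != tag_of(ptr):
                raise TagCheckFault(f"pointer tag {tag_of(ptr):#x} does not match granule {g}")

    def store(self, ptr, data):
        self._check(ptr, len(data))
        a = addr_of(ptr)
        self.mem[a:a + len(data)] = data

    def load(self, ptr, nbytes):
        self._check(ptr, nbytes)
        a = addr_of(ptr)
        return bytes(self.mem[a:a + nbytes])


def _outcome(action):
    try:
        action()
        return "no fault"
    except TagCheckFault:
        return "fault"


def demo_linear_overflow():
    # Writing past allocation a into its neighbour b: the tags differ, so it faults.
    h = TaggedHeap()
    a, b = h.malloc(16), h.malloc(16)
    h.store(a, b"A" * 16)                          # in-bounds write is fine
    return _outcome(lambda: h.store(a, b"A" * 32))


def demo_use_after_free():
    # Reading through a dangling pointer: the granule was retagged on free.
    h = TaggedHeap()
    p = h.malloc(16)
    h.store(p, b"secret-ish data!")
    h.free(p)
    return _outcome(lambda: h.load(p, 16))


def demo_intra_granule_overflow():
    # Caveat: an 8-byte object still owns a whole 16-byte granule, so an
    # overflow that stays inside that granule is NOT detected by tagging.
    h = TaggedHeap()
    p = h.malloc(8)
    return _outcome(lambda: h.store(p, b"B" * 16))
```

Two limits of the model are worth keeping in mind: real MTE tags are 4 bits, so a pointer aimed at a non-adjacent granule still matches by chance one time in sixteen, and any primitive that lands within the victim's own granule never triggers a check. Both are reasons a mitigation of this kind is described as raising the cost of exploitation rather than ruling it out.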
The work was aided in part by Anthropic's Mythos Preview, a powerful AI model that helped pinpoint the two vulnerabilities and assisted throughout exploit development.
Calif describes the model as adept at generalizing attack patterns across whole vulnerability classes once it has understood one instance of a bug type.
The vulnerabilities were found quickly because they fall into well-known bug classes; bypassing MIE on its own, however, still required substantial human expertise, underscoring the value of human-AI collaboration.
A five-day development effort against a protection that took Apple half a decade to build is being held up as a significant milestone for AI-assisted offensive security research.
Memory corruption remains the most prevalent vulnerability class across all modern platforms, iOS and macOS included. Mitigations such as MIE are designed to raise the cost of exploitation, not to make it impossible.
This research shows that as AI models get better at finding previously unknown bugs in familiar classes, even top-tier hardware mitigations face a shrinking window of effectiveness.
Calif frames the exploit as a preview of what it calls the "AI bugmageddon" era, in which small, AI-augmented security teams can achieve what once required large, well-resourced organizations.
Apple was founded in an era that predates Mythos Preview; this exploit signals that the dynamics of hardware security are already starting to shift.
Apple is reportedly working on a fix. Until a patch ships, systems running macOS 26.4.1 on M5 hardware remain at theoretical risk of local privilege escalation via this undisclosed chain.