Anthropic’s secretive Mythos AI model reportedly helped security researchers uncover new macOS security vulnerabilities that Apple is now reviewing internally, according to a new report.
Researchers from Palo Alto-based security firm Calif said they used techniques discovered while testing an early version of Mythos in April to develop a working privilege escalation exploit against macOS. The attack reportedly links together two separate bugs and several advanced methods to corrupt memory and access restricted parts of the system.
Robert McMillan, writing for The Wall Street Journal, reported:
“Security researchers say they have discovered a new way of circumventing Apple’s state-of-the art security technology, using techniques they discovered while testing an early version of Anthropic’s Mythos AI software in April.”
The report explains that Calif’s exploit chain allowed researchers to bypass protections designed to prevent unauthorized access inside macOS. If attackers combined the exploit with additional vulnerabilities, hackers could potentially take control of a Mac system.
Apple confirmed that it is reviewing Calif’s findings after the company delivered a detailed 55-page report in person at Apple Park in Cupertino.
An Apple spokesperson told The Wall Street Journal:
“Security is our top priority, and we take reports of potential vulnerabilities very seriously.”
Calif CEO Thai Duong said Mythos alone did not create the exploit and credited the company’s cybersecurity team for turning the AI-generated techniques into a real-world attack chain. He added that the bugs will “likely be fixed pretty quickly.”
Calif plans to publish technical details about the exploit after Apple patches the underlying vulnerabilities.
Why publish them? Does. it benefit the greater good to publish them or the greater bad?