A tiny Vietnamese security startup, armed with a preview of Anthropic’s most powerful AI, just pulled off something the industry thought was years away — cracking Apple’s M5 chip security in under a week.

For years, Apple has built its brand on a simple, powerful promise: our devices are the hardest to hack. The tight fusion of hardware and software, the secretive chip design, the ever-evolving security layers — all of it pointed to one conclusion. Apple Silicon is a fortress.

The M5 chip, launched in late 2025, doubled down on that reputation with a brand-new defence system called Memory Integrity Enforcement (MIE). It was supposed to be a new wall that attackers couldn’t climb.

Then came Calif. And Claude Mythos.

The Exploit That Shocked Silicon Valley

Security startup Calif — a small but razor-sharp Vietnamese research firm — claims it built a fully working macOS kernel exploit targeting Apple’s M5 chip. Their weapon of choice wasn’t a room full of veteran hackers burning the midnight oil. It was Anthropic’s Claude Mythos, a preview-stage AI model that the startup used to identify vulnerabilities and assist throughout the entire exploit development process — all in fewer than seven days.

The attack chain is precise and ruthless. It begins from a completely unprivileged local user account — meaning someone with no special permissions, just an ordinary Mac login — and escalates all the way to root access using standard system calls. No exotic tools. No insider knowledge. Just two chained vulnerabilities combined with techniques targeting bare-metal M5 hardware with kernel MIE enabled.

📌 Key Stats at a Glance:

⏱️ Time to exploit: Under 7 days
🎯 Target: Apple M5 chip + Memory Integrity Enforcement (MIE)
🤖 AI used: Claude Mythos (Preview) by Anthropic
🔓 Privilege escalation: Local user → full root access
🏢 Who did it: Calif, a Vietnamese security startup

What Is Memory Integrity Enforcement (MIE)?

Before we go further, here’s what makes this story so significant.

MIE — Memory Integrity Enforcement — is Apple’s newest kernel-level security feature, exclusive to M5-based devices. It was engineered specifically to prevent memory corruption attacks, one of the oldest and most devastating classes of exploits in the history of computing. Security researchers considered MIE one of the most ambitious hardware security leaps Apple had ever made.

In other words: Apple built MIE to stop exactly this kind of attack. And it didn’t stop it.

Enter Claude Mythos: The AI That Helped Crack Apple

Claude Mythos is Anthropic’s most advanced AI model, currently in a limited preview phase. While the AI community has been watching it closely for its research and reasoning capabilities, Calif’s experiment reveals something far more unsettling: AI-assisted vulnerability discovery at a speed and depth no human team could match alone.

To be clear — this wasn’t a fully autonomous AI hack. Calif’s human researchers were still needed to navigate the most complex MIE barriers. But Claude Mythos reportedly handled the heavy cognitive lifting: scanning for bugs, modelling attack paths, suggesting exploit code, and dramatically compressing what would traditionally take weeks or months into days.

“Achieving a kernel memory corruption exploit against the best protections in under a week is remarkable. It demonstrates what happens when advanced AI models are combined with security experts.”
— Calif Security, official technical writeup

Calif says the findings were responsibly disclosed directly to Apple during an in-person meeting in California. The vulnerability was handed to Apple before going public — the way ethical security research is supposed to work.

Apple’s Silence Speaks Volumes

As of the time of writing, Apple has made zero public statements about the exploit or Calif’s findings. No blog post. No security advisory. No comment to the press.

That silence should concern every M5 Mac user.

Apple is no stranger to quietly patching vulnerabilities — sometimes via a silent macOS point update that doesn’t even make headlines. But the absence of any public acknowledgement leaves millions of users in the dark about whether they are currently at risk.

The question the industry is now asking isn’t just “will Apple patch this?” It’s a much harder question: can any patch keep pace with what AI-assisted exploit development now makes possible?

The Bigger Picture: AI Is Rewriting the Rules of Hacking

This story is about far more than one exploit on one chip. It represents a fundamental shift in the cybersecurity arms race.

For decades, the battle between attackers and defenders has been a human contest — expertise vs expertise, patience vs patience. AI has now entered that arena. And unlike human researchers, AI doesn’t get tired, doesn’t miss subtle patterns buried in thousands of lines of code, and doesn’t need months to connect the dots.

Security researchers have warned for years that AI would eventually lower the barrier to sophisticated cyberattacks. Calif’s work is the first significant public proof of concept against a flagship consumer platform. If a small startup can do this with a preview version of Claude Mythos, what can a well-funded attacker — or a nation-state actor — accomplish with unrestricted, purpose-built AI tools?

The implications stretch far beyond Apple:

🏦 Banks and financial institutions running hardened hardware could face similar AI-assisted probing
🏥 Healthcare systems with legacy security assumptions are suddenly more exposed
🏛️ Government infrastructure may need to re-evaluate what “secure hardware” even means in 2026

What Should M5 Mac Users Do Right Now?

There is no official patch available as of publishing. But here’s what you can do immediately to reduce your exposure:

✅ Keep macOS fully updated. Apple often patches critical vulnerabilities silently. Go to System Settings → General → Software Update and enable automatic updates.

✅ Only run software from trusted sources. This exploit begins from a local user account — meaning physical or logged-in access is required. Don’t give that foothold to untrusted apps.

✅ Enable FileVault. Full-disk encryption won’t stop a root escalation, but it limits what attackers can do with stolen data if your machine is accessed.

⚠️ Be cautious on shared machines. If you use a Mac in a shared office or lab environment, understand that the attack starts from a basic local account.

⚠️ Watch Apple’s security advisories. Bookmark Apple’s Security Updates page and check it regularly over the coming weeks.

Frequently Asked Questions (FAQ)

Is my M5 Mac currently at risk?

The vulnerability exists, but the exploit requires local user account access — it is not a remote attack. This means a remote attacker cannot exploit this over the internet without first gaining some level of access to your machine. However, the risk is real and should be taken seriously, especially in shared environments.

What is Claude Mythos?

Claude Mythos is Anthropic’s most advanced AI model, currently in a limited preview phase. It is a reasoning and research-focused AI that Calif’s researchers used to assist in identifying security vulnerabilities in Apple’s M5 chip.

Has Apple confirmed the vulnerability?

Apple has not made any public statement. Calif claims the vulnerability was responsibly disclosed to Apple in person before publication.

Does this affect M4 or older Apple Silicon Macs?

The specific exploit targets the M5 chip’s Memory Integrity Enforcement (MIE) feature, which is exclusive to M5 devices. Older Macs running M1, M2, M3, or M4 chips do not have MIE and are therefore not affected by this specific exploit — though they have their own separate vulnerability considerations.

Will Apple release a patch?

Almost certainly yes — Apple has a strong track record of patching disclosed vulnerabilities quickly. The question is timing. Keep your Mac updated and watch for macOS security updates in the coming weeks.

Final Word

Apple built the M5 to be the most secure consumer chip on the planet. For a brief, remarkable week in 2026, a small startup and an AI proved that no fortress is permanent.

This isn’t a story about Apple failing. It’s a story about the future arriving faster than anyone expected — a future where AI doesn’t just defend systems, but finds the cracks in them too.

The real test now is what Apple does next. And how fast the rest of the industry wakes up.