Anthropic’s Claude Mythos is an AI that’s so good at finding security flaws, the company opted not to release it publicly, instead giving access to a closed circle of security researchers and large organizations.
Now, we’re getting first glimpses of just how powerful Mythos (currently available only to select partners, including Apple, as Claude Mythos Preview) can be. The Wall Street Journal reported that security researchers from a Palo Alto-based company called Calif used Mythos to find a crack in Apple’s macOS.
In a blog post shared by Calif on Thursday, the researchers called this the “first public macOS kernel memory corruption exploit on Apple M5,” and explained, without going into all the technicalities, that the exploit can be used to give an unprivileged local user complete access to the device.
The exploit, the post explained, involves “two vulnerabilities and several techniques.” But here’s the kicker: Anthropic’s Claude Mythos Preview helped them find the bugs, and assisted with exploit development.
“Mythos Preview is powerful: once it has learned how to attack a class of problems, it generalizes to nearly any problem in that class. Mythos discovered the bugs quickly because they belong to known bug classes,” the post said.
It’s unclear whether the flaw Calif found has already been patched or not. As MacRumors pointed out, Apple’s release notes for macOS Tahoe 26.5, which was released on Monday, do mention a fix for a bug that was submitted by Calif in collaboration with Claude and Anthropic Research, and Calif is mentioned in two other vulnerability reports.
However, in its blog post, Calif said it met with Apple “early this week,” perhaps implying that the fix is yet to come. “Full technical details will be shared after Apple fixes the vulnerabilities and attack path,” the post said.
An Apple spokeseperson gave the WSJ a canned response to the report, saying, “Security is our top priority, and we take reports of potential vulnerabilities very seriously.”
