Apple Alerted to macOS Security Vulnerability Uncovered With AI Tool - MacRumorsOpen MenuShow RoundupsShow Forums menuVisit ForumsOpen Sidebar
Skip to Content

Apple Alerted to macOS Security Vulnerability Uncovered With AI Tool

by

Anthropic recently announced Project Glasswing, an initiative that enables tech companies like Apple to use its new frontier AI model Claude Mythos Preview to find security vulnerabilities across operating systems and web browsers.

macOS Tahoe and iPhone
The Wall Street Journal today reported that researchers at cybersecurity firm Calif used Claude Mythos Preview to uncover a new macOS security vulnerability last month. Specifically, they used the model to write code that links together two macOS bugs in a way that resulted in what is known as a privilege escalation exploit.

The security researchers said the exploit would not have been possible with Mythos alone, as it still required their human expertise on top, but it nevertheless proves that AI can assist with discovering software vulnerabilities.

Apple said it was reviewing Calif's report to validate the findings.

"Security is our top priority, and we take reports of potential vulnerabilities very seriously," an Apple spokesperson told The Wall Street Journal.

It is unclear if Apple has already patched the exploit. Apple's security notes for the macOS 26.5 update released this week mention a fix for a kernel-level vulnerability, and it credits Calif and Anthropic for discovering it. Yet, the report said that Calif only met with Apple this week and suggested that a fix was still coming.

We have reached out to Apple for comment.

Related Roundup: macOS Tahoe
Tags: Anthropic, Apple Security
Related Forum: macOS Tahoe

Popular Stories

apple lock security bug vulnerability fix privacy

Apple Warns Canada's Bill C-22 Could Force Encryption Backdoors

Friday May 8, 2026 4:22 am PDT by
Apple and Meta have opposed a Canadian bill that the companies say could force them to create backdoor access to encrypted user data, should it pass through the country's parliament. Proposed by Canada's ruling Liberal Party, Bill C-22 contains provisions that could be similar ​to a UK data access provision order sent to Apple last year, depending on how they are implemented. Back in Feb...
Read Full Article80 comments
anthopic claude

Anthropic Launches Claude Opus 4.8 With Gains in Coding and Honesty

Thursday May 28, 2026 11:29 am PDT by
Anthropic today announced the launch of its latest AI model, Claude Opus 4.8. Anthropic claims the model is a "more effective collaborator" with improvements in agentic coding, multidisciplinary reasoning, agentic computer use, knowledge work, and agentic financial analysis. Testers have found Opus 4.8 to be "more reliable and sharper in its judgement" when doing agentic tasks, and the model ...
Read Full Article120 comments
macOS Tahoe 26 Thumb 2

macOS Tahoe 26.5 Release Candidate Now Available

Monday May 4, 2026 10:14 am PDT by
Apple today provided the release candidate version of an upcoming macOS Tahoe 26.5 update to developers for testing purposes, with the update coming a week after Apple seeded the fourth beta. Developers can download the macOS Tahoe 26.5 update by opening up the System Settings app, selecting the General category, and then choosing Software Update. Beta Updates will need to be enabled, and a...
Read Full Article46 comments

Top Rated Comments

N
now i see it
2 weeks ago
If researchers can use ai tools to identify vulnerabilities- so can nation state hackers, and likely small time hackers too.
The arms race towards computing Armageddon has just begun.
Score: 13 Votes (Like | Disagree)
turbineseaplane Avatar
turbineseaplane
2 weeks ago

I love how this went from Ai discovers bugs to Ai can assist in finding bugs.

It’s the theme of the entire Ai industry right now. Over promised and under delivered
Lest we forget about “AI creating bugs”, which I guarantee you is happening.
Score: 6 Votes (Like | Disagree)
k1121j Avatar
k1121j
2 weeks ago
I love how this went from Ai discovers bugs to Ai can assist in finding bugs.

It’s the theme of the entire Ai industry right now. Over promised and under delivered
Score: 6 Votes (Like | Disagree)
G
gaggle
2 weeks ago

If researchers can use ai tools to identify vulnerabilities- so can nation state hackers, and likely small time hackers too.
The arms race towards computing Armageddon has just begun.
You're not wrong in your intuition that this levels the playing-field on finding exploits, but the end result should be the opposite: The more stress testing, the safer the code. And there languages and techniques that fundamentally evaporate entire classes of bugs, and if enough bugs are found in existing solutions it can prompt maintainers to perform such upgrades. It has a hint of evolution to it: The strong and adaptable solutions will survive. It doesn't have to a pretty journey, I'm not claiming it'll be rainbows and unicorns, but directionally not an armageddon.
Score: 5 Votes (Like | Disagree)
U
Unregistered 4U
2 weeks ago
“The exploit is a data-only kernel local privilege escalation chain targeting macOS 26.4.1 (25E253). It starts from an unprivileged local user, uses only normal system calls, and ends with a root shell.“

So, same thing still applies. Don’t download random files from the internet and open them. I mean, novel that they’re proud to say AI was involved (they wouldn’t have been able to do it without AI), but, like all security researchers, they’re just in it for their 5 minutes of fame. That it’s unable to cause anyone any distress without a attacker having physical access to the machine (OR access to an unwise person with physical access to the machine) is just kinda where we are with computing today. Nothing for them to really raise an alarm about.
Score: 4 Votes (Like | Disagree)
P
parameter
2 weeks ago
I'm going back to pencil and paper.
Score: 4 Votes (Like | Disagree)
Read All Comments

🔗 Related Apple News & Rumors

Stay updated with the latest Apple ecosystem news and verified rumors