Security researchers from Calif, a company based in Palo Alto, developed what they describe as the first public memory corruption exploit in the macOS kernel on Apple's M5 silicon, with direct assistance from Claude Mythos Preview, Anthropic's specialized cybersecurity model. The finding was reported by The Wall Street Journal and raises a question that the industry has been discussing for months: what happens when artificial intelligence accelerates both the detection of vulnerabilities and their potential exploitation.
The research process clearly illustrates the current capabilities and limitations of AI in cybersecurity. Mythos Preview was able to quickly identify the bugs because they belonged to classes of known vulnerabilities. However, the design of the exploit itself required the intervention and judgment of human experts. The result was an attack vector that, if not corrected, would allow an attacker to access parts of the system that should be inaccessible and take control of the device.
Apple took the report seriously. The company hosted the researchers at Apple Park in Cupertino to review the findings in detail. The complete technical details of the exploit and the attack pathway will be published once Apple has addressed the identified vulnerabilities, following the standard protocol for responsible disclosure in the industry.
The broader context is relevant to understanding the reach of Mythos beyond this specific case. Anthropic launched the Glasswing Project in April, a defensive cybersecurity initiative that allows its participants to use Mythos to strengthen the security of their own systems. Among the organizations involved in the project are Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Mozilla, for example, has already used Mythos to identify and fix 271 vulnerabilities in its latest version of Firefox.
The competitive response was swift: days after the macOS case, OpenAI unveiled Daybreak, its own cybersecurity initiative built on different AI models, including its specialized agent Codex. Unlike the vulnerability detection and remediation approach, Daybreak is based on the premise that cybersecurity must be integrated into software from its initial development.
From the analysis of next+, this case illustrates a tension that will define the next phase of the industry: the same models trained to protect systems are capable of accelerating the identification of attack routes. The difference between a defensive and an offensive use of that capability is not technical, but institutional. The fact that Anthropic operates Mythos under a controlled framework like Glasswing, with verified participants and explicitly defensive goals, is precisely the company's bet to keep that line on the right side.