Security researchers have admitted that Anthropic's Mythos AI model has been able to hack macOS, bypassing Apple's security systems in a way never previously achieved.

Mythos is an early version of a new, more powerful Claude AI model software that is yet to be made public. Anthropic's engineers have warned that it is too good at finding security exploits to allow it into the wild.

Now, proof of its abilities has come in the form of an escalation exploit. If used correctly, the exploit could potentially allow a hacker to gain control of a Mac despite Apple's security measures.

Detailing the news, The Wall Street Journal says that the security researchers were "excited about their discovery." In fact, they were so impressed with what Mythos had done that they drove to Apple's Cupertino HQ to share their findings.

Chained attacks

The researchers, from a Palo Alto-based research outfit, say that Mythos didn't use a single attack vector in its hack. Instead, it linked two bugs macOS together in an attempt to corrupt the Mac's memory.

Person typing on a gray Apple laptop at a dark table, with a takeaway coffee cup and a pink container in the background, indoors with wooden wall panels

The macOS operating system has been hacked in a new way

Once the macOS memory had been compromised, Mythos was then able to "gain access to parts of the device that should be inaccessible." It's also possible that, should the hacks then be used alongside others, the Mac as a whole could become compromised.

For its part, a company spokesperson told the WSJ that it is reviewing and validating the security team's findings.

"Security is our top priority, and we take reports of potential vulnerabilities very seriously," Apple reportedly said. However, Apple hasn't yet said whether it has patched the bugs Mythos used for its hack.

In fact, it isn't clear what Mythos did and didn't do right now. That shouldn't be all that surprising, with details likely to remain fuzzy until Apple has addressed the security flaws that were leveraged.

However, the report also notes that the attack couldn't be achieved by Mythos alone. Without the skills of the hackers working alongside the AI, it is believed the hack wouldn't have been possible.

As for Mythos, Anthropic intends for it to be used for good. Project Glasswing was launched to allow Mythos to be used as a way to identify security flaws so they can be addressed.