Anthropic’s Mythos AI, a tool that has already rattled the tech and financial sectors by exposing widespread software vulnerabilities, has now successfully ‘hacked’ macOS, which is regarded as one of the most secure operating systems in the world. According to a report by The Wall Street Journal, researchers claimed to have used Mythos to uncover deep-rooted security flaws that had remained hidden until now. The breakthrough was significant and the Palo Alto-based researchers who led the test reportedly drove straight to Apple’s headquarters in Cupertino to hand-deliver their findings.

How Mythos ‘hacked’ Apple’s macOS

What makes this discovery alarming is not just that the AI tool found a bug but how it thought through the problem. Mythos didn’t rely on a single mistake in Apple’s code, and instead, it performed a “chained attack.” The AI identified two separate, minor bugs in the macOS system and linked them together.

By combining these flaws, Mythos was able to corrupt the Mac’s memory, gaining access to sensitive parts of the device that are supposed to be completely off-limits. The researchers say that if used by hackers, this exploit may allow them to take full control of the victim’s computer, bypassing nearly all of Apple’s built-in security measures.

The ‘Human-AI’ team

While the AI’s ability to find these vulnerabilities is commendable, researchers noted that Mythos didn’t act entirely on its own, and that the ‘hack’ was a collaborative effort between the AI and skilled security professionals. Experts believe that while the AI has an incredible knack for spotting tiny errors in millions of lines of code, it still requires human guidance to execute the final, complex stages of a system takeover.

However, the speed and accuracy with which the AI identified the flaws suggest that “AI-assisted hacking” is increasingly becoming a major threat. Recently, Google claimed that it thwarted an AI-backed hacking campaign.

What Apple has to say

Apple is currently reviewing the data provided by the research team. In a statement to The Wall Street Journal, a spokesperson said, “Security is our top priority, and we take reports of potential vulnerabilities very seriously.”

The tech giant has not yet confirmed if a “patch” or security update has been released to fix the specific holes discovered by Mythos. Most details about the vulnerabilities are being kept secret to prevent other hackers from using the same path before a fix is ready.

Join the community of 2M+ industry professionals.

Subscribe to Newsletter to get latest insights & analysis in your inbox.

All about ETCISO industry right on your smartphone!