First public macOS kernel memory corruption exploit on Apple M5
quadrige
323 points
68 comments
May 14, 2026
Discussion Highlights (9 comments)
vsgherzi
Unfortunately a little light on the details. I'm very curious how the bug survived through MTE.
AgentME
First Mozilla, now even Apple is making up fake vulnerabilities to hype up Mythos. /sarcasm
bredren
Did the article get edited? There is not much description of the field trip.
yieldcrv
From what they demonstrated, this seems to only be a $100,000 exploit in Apple's bug bounty platform, but if they package it right, it could be a $1.5 million exploit. They simply have to show it against a beta version of macOS, and frame it as unauthorized access, and maybe from locked mode if possible.
commandersaki
I bought the M5 specifically cause of MIE. Now I feel dumb.
dgellow
The world is so not ready for the impact of LLMs on security issues. If true, congrats to the Calif team. It’s likely too technical for me to understand in detail, but I'm looking forward to reading the 55-page report.
tkel
Another breathless marketing hype for Mythos. The curl report was much more sober. https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-v...
jp0001
LLMs are going to produce amazing Rube Goldberg-style vulnerabilities for years to come. It's already starting; this instance isn't the case, but it's happening.
isodev
I’m surprised Apple is still not dogfooding their allegedly safe language Swift. Or was the whole exercise of Swift 6 mostly marketing?