Has Apple’s M5 Mac Security Been Hacked Using AI?
Yes — and it happened faster than anyone expected. A California-based cybersecurity startup called Calif claims it cracked a core hardware protection layer inside Apple’s latest M5-powered Mac in under a week, using Anthropic’s AI model to help build the attack. Apple has confirmed it is reviewing the findings. This is the first publicly known exploit of its kind targeting M5-chip security on macOS.
What Did Calif Actually Do
What is Memory Integrity Enforcement (MIE)
Memory Integrity Enforcement, or MIE, is a hardware-level security feature built into Apple’s M-series chips. It blocks a class of attacks called memory corruption, where malicious code tries to overwrite protected system memory. MIE sits deep inside the chip’s architecture and is designed to stop kernel-level intrusions on macOS.
Calif, headquartered in Palo Alto, says its researchers found a way to beat Apple’s MIE system on M5 hardware. The team built what they call the first known working exploit capable of bypassing MIE protection on M5 chips — and manipulating kernel memory on macOS without triggering the hardware defense.
The company says it chained two software bugs with several attack techniques to reach restricted parts of the operating system. According to Calif, if a hacker pairs this exploit with additional tools, they could eventually take full control of a Mac device.
How the Timeline Played Out
| Date | Event |
|---|---|
| April 25 | Researcher Bruce Dang discovers the bugs |
| April 27 | Security expert Dion Blazakis joins the Calif team |
| May 1 | Josh Mein develops required tools; working exploit completed |
| Shortly after | Calif shares 55-page findings directly with Apple in Cupertino |
The whole thing — from bug discovery to working exploit — took less than a week. Researcher Bruce Dang spotted the vulnerabilities on April 25. Cybersecurity expert Dion Blazakis came on board two days later. By May 1, Josh Mein had the necessary tools ready and the exploit was done.
Where Did the AI Come In
Apple M5 Hack — Key Facts
- Calif completed a working M5 kernel exploit in under one week, starting April 25, 2025.
- The attack chained two software bugs with multiple techniques to reach restricted OS memory.
- Apple’s M5 chip MIE system — a hardware defense against memory corruption — was bypassed.
- Apple told The Wall Street Journal it is actively reviewing Calif’s 55-page security report.
- Calif plans to release full technical details publicly only after Apple patches the flaws.
- AI helped identify patterns in known exploit categories, but human experts led the core work.
Anthropic’s ‘Mythos Preview’ AI model played a supporting role — Calif credited it with spotting patterns across known exploit categories. But Calif’s CEO Thai Duong was direct about one thing when speaking to The Wall Street Journal: the humans were in charge. Apple’s MIE system was entirely new territory, so seasoned security researchers had to lead the actual discovery and exploitation work.
This matters because it reframes how people think about AI in cyberattacks. The AI did not hack Apple. It helped experienced researchers move faster — a meaningful difference, but not the dramatic “AI breaks Apple security” headline some outlets ran with.
Apple’s Official Response
Apple confirmed to The Wall Street Journal that it is reviewing the report. A company spokesperson said security is their top priority and that they take vulnerability reports seriously.
Calif presented its full 55-page findings to Apple at a meeting in Cupertino, California. The startup has said it will not release the technical details publicly until Apple has fixed the issues. That is standard responsible disclosure practice in the security industry.
Why This Matters for Mac Users
Millions of Mac users rely on the assumption that Apple’s hardware-level protections are unbreakable in practice. This report — even if the exploit is not yet weaponized — shows that those protections can be defeated with enough skill and the right tools. The involvement of an AI model in accelerating the process adds another variable security teams will need to plan for going forward.
The broader concern is not this one exploit. It is what it signals: that AI can compress timelines for finding and building attacks, even against hardware-enforced security systems that were previously considered extremely difficult to bypass.
Will Apple Patch This
Apple has not announced a specific fix or update yet. Given the company is actively reviewing the 55-page report, a patch is likely in development. Calif says it will make the full technical writeup public after Apple resolves the vulnerabilities — which suggests Apple is expected to act.
What Users Should Do Right Now
At this point, there is no active attack in the wild using this exploit. Calif built it as a proof of concept and disclosed it responsibly. Mac users should ensure their systems are on the latest macOS version and enable automatic updates so any patch Apple releases installs without delay.
Key Takeaways
- Startup Calif built a working exploit that breaks Apple M5’s MIE hardware security in under a week.
- Anthropic’s AI model helped find patterns but human researchers drove the actual exploit work.
- Apple is reviewing the 55-page report and has acknowledged it takes vulnerability reports seriously.
- The full technical details will go public only after Apple patches the flaws.
- No active attack is happening now — this was a responsible disclosure exercise.
FAQ
Q: Has Apple’s M5 Mac actually been hacked?
A: A cybersecurity firm built a working exploit that bypasses M5 chip security — but this was a controlled research exercise, not an active attack. Calif, a Palo Alto startup, demonstrated the exploit and handed over its findings to Apple directly. No real-world hacking using this method has been reported. Apple is reviewing the report.
Q: What is Memory Integrity Enforcement and why does it matter?
A: MIE is a hardware security layer built into Apple’s M-series chips that blocks memory corruption attacks. It sits at the kernel level and is designed to prevent malicious code from taking over critical system functions. Breaking it, even in a lab, is a serious finding because it shows the protection is not absolute.
Q: Did AI hack Apple on its own?
A: No. Anthropic’s Mythos Preview model helped the Calif team recognize patterns in known exploit types, but it did not independently find or build the attack. CEO Thai Duong confirmed that human security experts were central to the work because Apple’s MIE system was entirely new and had no prior reference points for the AI to draw from.
Q: Is my Mac at risk right now?
A: There is no known active attack using this exploit. Calif disclosed its findings directly to Apple before making anything public. Users should update to the latest macOS version immediately and turn on automatic updates so any Apple security patch reaches their device as soon as it releases.
Q: When will Apple release a fix for this M5 security flaw?
A: Apple has not announced a patch date. The company told The Wall Street Journal it is reviewing Calif’s report. Calif said it will release full technical details only after Apple fixes the issues, which suggests a patch is expected. Watch for a macOS security update in the coming weeks.
