据《华尔街日报》报道,Anthropic的Mythos AI工具在短短五天内,成功帮助研究人员发现了两个此前未知的macOS内核漏洞,并将其串联成一个完整的权限提升攻击链。该攻击针对操作系统最底层的核心,通过组合多个漏洞和技术,绕过了苹果的内存完整性保护机制,访问了本应受保护的系统区域。这凸显出现代macOS的防御重点已从单纯防止漏洞发现,转向增加漏洞利用难度。Mythos在此类研究中展现出强大能力,因为它能协助形成假设、分析代码行为、推理底层约束并建议利用路径,从而大幅加速传统上依赖手动、试错的研究过程。
WSJ: Anthropic's Mythos helped researchers find 2 unknown macOS kernel bugs and turn them into a working privilege escalation exploit in 5 days.
The target was the macOS kernel, the deepest layer of Apple's desktop operating system, where code controls memory, processes, permissions, and access to hardware.
Mythos helped connect 2 separate flaws with extra exploitation techniques, which means the attack did not rely on one bug but on a chain where each step made the next step possible.
The exploit allegedly corrupted memory, bypassed Apple's memory integrity protections, and gained access to protected parts of the system that normal apps should never reach.