Cybersecurity researchers have succeeded in penetrating the macOS operating system with the help of Anthropic’s Claude Mythos artificial intelligence model, in a move that highlights the capabilities of artificial intelligence in discovering complex security vulnerabilities within modern systems.
According to a report published by the Wall Street Journal, researchers from Calif have developed a privilege-elevating tool within the macOS system, allowing full access to and control over protected parts of Mac computers.
The researchers relied on the Anthropic “Mythos Preview” model to help identify vulnerabilities and accelerate the development of the hacking tool, as the model was able to quickly discover errors due to their belonging to known categories of security vulnerabilities.
However, the researchers explained that human expertise remained necessary to build the final hacking mechanism.
This incident highlights how advanced artificial intelligence systems are now able to discover attack paths and vulnerabilities that may have been previously unknown, which may give attackers more sophisticated tools to carry out cyberattacks.
Apple confirmed that it takes the researchers’ results seriously, noting that “security is its top priority.” The research team also met with Apple engineers at its headquarters to discuss these results.
Researchers have not yet revealed the full technical details of the attack. They intend to publish it after Apple fixes the vulnerabilities and associated attack paths.
This comes within the “Glasswing” project launched by Anthropic last April with the aim of using artificial intelligence to confront cyber attacks.
A number of major companies are participating in the project, including Amazon, Google, Apple, Nvidia, Cisco and other companies.
In a related context, OpenAI announced a few days ago the “Daybreak” initiative for cybersecurity, which is based on its various models, with the aim of integrating cyber protection into software from the early stages of development instead of simply discovering vulnerabilities and fixing them later. (aitnews)
