Overview
- Calif disclosed Thursday it had built a working macOS kernel memory‑corruption exploit on M5 hardware with MIE turned on.
- The team met Apple at Apple Park this week to deliver the report in person and posted a brief proof‑of‑concept video.
- The exploit is data‑only and local, starting from an unprivileged user and ending with a root shell on macOS 26.4.1.
- Calif says the chain relies on two vulnerabilities and only normal system calls on M5 machines with kernel MIE enabled.
- Anthropic’s Mythos Preview helped spot the bugs and speed the build, with bugs found April 25 and a working exploit by May 1.