First public macOS kernel memory corruption exploit on Apple M5 (blog.calif.io)
328 points by quadrige 5 days ago | 71 comments



jp0001 5 days ago

LLMs are going to produce amazing Rube Goldberg style vulnerabilities for years to come. It's already starting, this instance isn't the case, but it's happening.
dgellow 5 days ago

The world is so not ready for the impact of LLMs on security issues. If true, congrats to the Calif team. It’s likely too technical for me to understand in detail, but looking forward to reading the 55-page report.
isodev 5 days ago

I’m surprised Apple is still not dogfooding their allegedly safe language Swift. Or was the whole exercise of Swift 6 mostly marketing?

Unfortunately a little light on the details. I'm very curious how the bug survived through MTE.

GPU memory/shaders/etc. isn't protected by MTE or PAC. They said "data-only", so I guess GPU commands could fit into this description.

> I'm very curious how the bug survived through MTE

It's not the first time bugs get past MTE; it happened with Google Pixel last year ... https://github.blog/security/vulnerability-research/bypassin...

kentler 5 days ago

MTE is probabilistic, not deterministic — with enough spray, the odds of hitting an untagged window aren't negligible, as far as I know.
vertex 5 days ago

We hit something similar — turned out the bug was in a path that ran before MTE tagging initialized. Timing matters more than people expect.

From what they demonstrated, this seems to only be a $100,000 exploit in Apple's bug bounty platform, but if they package it right, it could be a $1.5 million exploit.

They simply have to show it against a beta version of macOS, and frame it as unauthorized access, and maybe from locked mode if possible.


This is an LPE. I believe what you’re describing is a zero-click RCE.

Right, LPE gets you root locally. RCE means remote code execution — totally different threat model and exploit chain.
AgentME 5 days ago

First Mozilla, now even Apple is making up fake vulnerabilities to hype up Mythos. /sarcasm
bstsb 5 days ago

Apple didn't "make up" this vulnerability; it was an external team reporting an issue.

screech nothing but stochastic parrots! glorified autocomplete!

IIRC Mythos was the codename, not something Mozilla or Apple named publicly. But yeah, the incentive to hype CVEs is real.
baq 5 days ago

Cisco put up a totally bogus 10.0 CVE just for this reason, too.

I bought the M5 specifically because of MIE. Now I feel dumb.

You shouldn’t. MTE blocks a large chunk of vulnerabilities and makes things like ROP and JOP very difficult, if not impossible, now.

You should worry about npm/PyPI malware, not memory corruption bugs.
bredren 5 days ago

Did the article get edited? There is not much description of the field trip.
tkel 5 days ago

Another breathless marketing hype for Mythos. The curl report was much more sober.

https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-v...


These people don’t work for Apple or Anthropic.
ivan 5 days ago

Kernel memory corruption on new Apple silicon feels very 2004 Windows. Some things never change regardless of the ISA.