Overview
- Calif security firm delivered a 55-page report to Apple on Thursday after using Anthropic’s Mythos to help chain two macOS bugs into a memory-corrupting privilege escalation.
- Apple said it is reviewing the findings and the researchers said the attack still needed human expertise to design and validate the exploit.
- The UK AI Security Institute reported this week that a newer Mythos checkpoint outperformed earlier results and OpenAI’s GPT-5.5 on its cyber ranges, showing gains without a new model release.
- The Bank of Spain warned in its financial-stability report that advanced bug-finding AI could speed synchronized attacks and called for international coordination and wider protective access such as Project Glasswing.
- Defenders report big gains but real limits, with Palo Alto finding 75 bugs versus 5–10 normally, Mozilla tallying 271 in Firefox, Microsoft surfacing 16 Windows flaws, and vendors citing false positives and high model costs.