Key Takeaways

- First public kernel memory corruption exploit on Apple M5 silicon bypasses MIE hardware protection
- Researchers built the working exploit in five days, compared to Apple's five years developing MIE
- The exploit achieves a root shell from an unprivileged local user using only normal system calls

Apple's latest hardware security feature lasted about a week against determined researchers. Security firm Calif announced the first public kernel memory corruption exploit targeting Apple's M5 silicon, bypassing the Memory Integrity Enforcement (MIE) system that Apple spent five years developing.
The team built a working exploit in five days. They reported it to Apple in person at Apple Park on May 14, 2026, hand-delivering a laser-printed vulnerability report. Their reasoning: avoid getting lost in the submission flood that typically buries remote disclosures.
What MIE Was Supposed to Stop
Memory Integrity Enforcement is Apple's hardware-assisted memory safety system built around ARM's Memory Tagging Extension (MTE). Apple introduced it as the flagship security feature for the M5 and A19 chips, specifically designed to stop memory corruption exploits.
Memory corruption remains the most common vulnerability class on iOS and macOS. It powers many of the most sophisticated compromises on both platforms. Apple's approach was to push defenses directly into hardware, making bypasses significantly harder.
According to Apple's own research, MIE disrupts every public exploit chain against modern iOS, including the recently leaked Coruna and Darksword exploit kits. The company reportedly spent billions of dollars on the technology.
How the Exploit Works
The exploit is a data-only kernel local privilege escalation chain targeting macOS 26.4.1 (build 25E253). It starts from an unprivileged local user, uses only normal system calls, and ends with a root shell.
Bruce Dang found the initial bugs on April 25th. Dion Blazakis joined the Calif team on April 27th. Josh Maine built the tooling, and by May 1st they had a working exploit. The macOS attack path was actually an accidental discovery while the team was exploring AI-assisted exploit development under MTE.
Calif worked with Mythos Preview on the exploit development. The firm noted they have been exploring how AI can help build exploits that still work under MTE protection. While Apple's primary focus with MIE was iOS security, they also brought the technology to the M5 chips powering the latest MacBooks.
Technical Details Still Under Wraps
Calif plans to release full technical details after Apple fixes the vulnerabilities and attack path. The firm joked they only budgeted one year of domain registration fees for the attack, hoping Apple moves faster than that.
The exploit's data-only nature is notable. It avoids code injection entirely, instead manipulating existing data structures to achieve privilege escalation. This approach is specifically designed to work around modern memory protections that focus on preventing malicious code execution.
Why This Matters Beyond Apple
Many security experts consider Apple devices the most secure consumer platform. If MIE can be bypassed this quickly, other hardware-assisted memory safety implementations may face similar challenges.
The security industry has long operated on a principle: if you cannot fully prevent something, you accept the risk and mitigate it by making exploitation more expensive. Apple's approach was to push mitigations into hardware, which should make bypasses harder. But mitigations carry performance costs, and even well-funded implementations are not invulnerable.
The five-days-versus-five-years contrast is stark, though it requires context. Calif's team included experienced exploit developers, and they were looking specifically for weaknesses in a new protection system. Still, the speed of the bypass suggests that hardware memory tagging is not the silver bullet some hoped it would be.

Frequently Asked Questions
What is Apple's MIE security feature?
Memory Integrity Enforcement is Apple's hardware-assisted memory safety system built on ARM's Memory Tagging Extension. It was introduced with the M5 and A19 chips to prevent memory corruption exploits.
Which macOS version is affected by this exploit?
The exploit targets macOS 26.4.1 (build 25E253) running on Apple M5 silicon.
Does this exploit require physical access to the Mac?
The exploit requires local access. It starts from an unprivileged local user account and uses only normal system calls to achieve a root shell.
When will Apple fix this vulnerability?
Apple has not announced a timeline. Calif reported the vulnerability on May 14, 2026, and will release technical details after Apple patches the issue.
Are iPhones with A19 chips also vulnerable?
The researchers focused on macOS and M5. While A19 chips also use MIE, the exploit path was specific to macOS. Whether similar techniques apply to iOS is not yet known.
Source: Hacker News: Best / Calif
Huma Shazia
Senior AI & Tech Writer
Produced with AI assistance and reviewed by the Logicity editorial team. Learn more in our Editorial Policy.



