First public macOS kernel memory corruption exploit on Apple M5

🚨 macOS Kernel Exploit on Apple M5: A New Vulnerability Emerges

The first public exploit for a macOS kernel memory corruption vulnerability on Apple's M5 chip has been disclosed, allowing attackers to potentially manipulate sensitive data and compromise system security. This exploit, detailed in a blog post, highlights a critical flaw in the kernel, the core part of the operating system that manages memory and CPU usage, enabling an attacker to corrupt kernel memory. The discovery underscores the ongoing cat-and-mouse game between security researchers and tech giants in identifying and patching vulnerabilities.

guid

https://news.ycombinator.com/item?id=48139219

source_url

https://blog.calif.io/p/first-public-kernel-memory-corruption

author_name

quadrige

id: 2753
uid: ex4yK
insdate: 2026-05-14 20:05:29
title: First public macOS kernel memory corruption exploit on Apple M5
additional:

🚨 macOS Kernel Exploit on Apple M5: A New Vulnerability Emerges

The first public exploit for a macOS kernel memory corruption vulnerability on Apple's M5 chip has been disclosed, allowing attackers to potentially manipulate sensitive data and compromise system security. This exploit, detailed in a blog post, highlights a critical flaw in the kernel, the core part of the operating system that manages memory and CPU usage, enabling an attacker to corrupt kernel memory. The discovery underscores the ongoing cat-and-mouse game between security researchers and tech giants in identifying and patching vulnerabilities.


category: Hacker News
md5:
guid: https://news.ycombinator.com/item?id=48139219
source_url: https://blog.calif.io/p/first-public-kernel-memory-corruption
updated:
image:
author_name: quadrige
author_link:

No Items Found.

Add Comment
Type in a Nick Name here
 
Other Items in Hacker News
I think Anthropic and OpenAI have found product-market fit Canada to order military plane fleet from Sweden in shift from US suppliers Reflex (YC W23) Is Hiring SWEs, Growth, and GTM Roles Gemini, Gophers, and Fingers. Oh My Alternative Internets Beyond HTTPS SimCity 3k in 4k (2025) Multi-Agent LLM System for Automated Vulnerability Discovery and Reproduction Valve raises Steam Deck prices by more than $200 What Apple and Google are doing to your push notifications On Labubu and the Hyperreal YouTube to automatically label AI-generated videos Claude Code as a Daily Driver: Claude.md, Skills, Subagents, Plugins, and MCPs All of human cooking compressed into 2 megabytes Go: Support for Generic Methods Mini Micro Fantasy Computer I'm Tired of Talking to AI Private Equity Bought America's Essential Services XLIDE: VBA without excel Incident with Pull Requests, Issues, Git Operations and API Requests Italy region: +200% tax on datacenters built in green/agricultural areas That Methyl Methacrylate Tank The worst job interview I ever had Sonny Rollins, jazz saxophonist, has died Stripe is friendly to “friendly fraud” Tunecat: Simple Internet Radio TSDuck: Open-source toolkit for MPEG-TS analysis and manipulation Gear Commit: Dev gadget box personalized from GitHub activity Show HN: Posthorn, self-hosted mail without the mail server Chemistry behind the Garden Grove chemical tank Big tech's anti-labor playbook has come for Wikipedia From Rust to Ruby Xiaomi MiMo-v2.5 price drops 99% – AI pricing war Cloudflare Flagship The OSS Sabotage Manual Became Corporate Best Practice AI Tools Are Only as Good as Your Judgment – and That's the Point Sonny Rollins, Jazz's Saxophone Colossus and Greatest Improvisor, Dead at 95 Erin Brockovich made a map to track data centers around the country Stripe is friendly to "friendly fraud" C64 Basic: Game Map Overhead "Camera View" Launch HN: Minicor (YC P26) – Windows desktop automations at scale Language Models Need Sleep The Ballad of TIGIT Uber, Lyft drivers in Massachusetts form first US ride-share union What color is your function? (2015) Is "colorectal cancer" rising in "young people"? The real cost of owning a home Sage Care (YC S24) Is Hiring Software Engineers Stop Advertising in Your Commits Logseq Doctor: Heal your flat old Markdown files before importing them to Logseq Exposing Critical Vulnerabilities in CBSE's On-Screen Marking Portal Incident with Actions and Pages
Other Categories in HNews
hacker news
Search HNews
Search HNews by entering your search text above.
Welcome

This is my test area for webdev. I keep a collection of code here, mostly for my reference. Also if i find a good link, i usually add it here and then forget about it. more...

You could also follow me on twitter. I have a couple of youtube channels if you want to see some video related content. RuneScape 3, Minecraft and also a coding channel here Web Dev.

If you found something useful or like my work, you can buy me a coffee here. Mmm Coffee. ☕

❤️👩‍💻🎮

🪦 2000 - 16 Oct 2022 - Boots
Random Quote

“Make no mistake: This is not your diary. You are not letting it all hang out. You are picking and choosing every single word.”


Dani Shapiro
Latest News
## 🚀 AI Giants Hit Bullseye: Anthropic & OpenAI Achieve Product-Market Fit Anthropic and OpenAI have reached a significant milestone, finding product-market fit with their AI technologies, which means their products effectively meet the needs of their customers, driving growth and adoption. This achievement showcases the practical value of their innovations, enabling businesses and individuals to leverage AI for enhanced productivity and efficiency. With this alignment of product and market needs, these companies are poised to transform industries and shape the future of technology.