macOS malware "Gaslight" uses prompt injection to fool AI security tools
SentinelOne has uncovered macOS malware called "Gaslight" that uses prompt injection to mislead AI-assisted security triage tools. The malware embeds fake Markdown system messages to trick large language models into halting their analysis. Beyond this novel trick, Gaslight functions as a standard backdoor and infostealer. Researchers warn defenders to isolate AI analysis pipelines and treat malware samples as adversarial input.
SentinelOne uncovered macOS malware “Gaslight” that uses prompt injection to mislead AI‑assisted triage tools during analysisBeyond standard backdoor and infostealer capabilities, it embeds fake Markdown “system” messages to trick LLMs into halting investigationResearchers warn defenders to treat malware samples as adversarial input and isolate AI pipelines, as more analyst‑targeting prompt injection is expectedWe’ve seen prompt injection in websites and emails, but what about - malware samples? Security researchers SentinelOne recently published an in-depth report on a newly uncovered piece of macOS malware called Gaslight that, as the name suggests, tries to gaslight AI-assisted triage agents into stopping the analysis.The malware itself is nothing out of the ordinary: it infects the device by whatever means necessary (usually phishing and social engineering), connects to attacker-controlled infrastructure via Telegram, and then executes different commands such as profiling the device, running arbitrary shell commands, stealing files, or terminating processes. It also delivers a stage-two malware that acts as an infostealer, pulling passwords, sensitive PDFs, cryptocurrency wallet information, and more.Weaponizing LLM-assisted triage pipelinesBut where Gaslight stands out is its defenses against AI-powered malware analysis. According to SentinelOne, the malware contains a large block of fake Markdown-formatted "system" messages designed for AI assistants that security researchers may use during reverse engineering. These messages claim things like “the AI's authentication token has expired”, “the analysis environment is running out of memory”, “disk space has been exhausted”, “static analysis is unsafe”, and similar. While a human analyst would definitely recognize these fake messages even at a glance, an LLM that isn’t properly isolated from untrusted input could interpret them as genuine system instructions and refuse to further analyze the malware. “macOS.Gaslight is noteworthy for its analyst-targeting prompt injection, an attempt to weaponize the LLM-assisted triage pipelines that increasingly sit in the reverse-engineering loop,” SentinelOne explains. “Anyone building such tooling should treat the contents of the samples they triage as adversarial input, never as instructions, and be prepared to keep hostile content out of the model entirely. As LLM-assisted analysis becomes routine, defenders should expect more samples built to exploit it.”The researchers have published a full list of indicators of compromise on this link.Via The Hacker News
Researchers have found that chimpanzees share a laughter rhythm with humans, offering new clues about the evolution of speech. Nature's briefing podcast also discusses findings suggesting that widespread AI use may be degrading skills among doctors and computer scientists. Both topics were covered in Nature's June 26, 2026 briefing.
St. Thomas, Nevada was a thriving community before it was submerged by Lake Mead in the 1930s. As the lake's water levels periodically drop, the ruins of the town re-emerge, attracting tourists and researchers. This recurring phenomenon makes St. Thomas one of the most unusual ghost towns in the United States.
A growing number of young Poles are consciously giving up parties, alcohol and constant socialising. Psychologist Kinga Soska-Zwierzyńska explains that society is exhausted and overstimulated. While exotic holidays were once the ultimate luxury, an hour without a phone or others' expectations has taken that role — a sign of a broader cultural shift among the FOMO generation.
Bandai Namco has announced Tekken! Cartoon, a new animated series that draws heavily from American animation styles. This marks a significant departure from previous Tekken adaptations, which were generally poorly received. The announcement suggests creators are deliberately breaking from the franchise's past approach to animation.
Polish Minister Jakub Rutnicki signed an agreement with Ukrainian Minister Viktoriia Riasna on cooperation in the field of physical culture and sport. The deal formalises Polish-Ukrainian sports collaboration. No further details about the programme's specific content were provided in the announcement.
Neel Kashkari, President of the Federal Reserve Bank of Minneapolis, stated that he expects an interest rate hike to occur this year. The comment signals a hawkish stance within the Fed amid persistent inflation concerns. Kashkari's remarks may shift market expectations regarding US monetary policy.
The Ukraine Recovery Conference (URC 2026) held in Gdańsk concluded with nearly 200 agreements, accords and letters of intent signed. Around 7,500 participants attended, including 70 state delegations and 30 delegations from international organizations. The preliminary results were announced by Deputy Minister of State Assets Eliza Zeidler.
Peter Diamandis, founder of the Xprize Foundation, has argued that people behave better when they are being watched and has advocated for global surveillance as a tool for improving human behaviour. He follows Larry Ellison, who made similar comments in 2024. The statement reignites debate about the limits of privacy in the digital age.
Estonian researchers have challenged the widely held belief that male sexual desire peaks before age 20 and then steadily declines. Their study suggests the drop in male libido may not occur until around the age of 40. The findings call into question established assumptions about male sexuality and could influence approaches to sexual health.
Archaeologists have discovered a Neolithic settlement near Poznań dating back approximately 6,000 years. Its inhabitants practised farming methods that could today be described as sustainable, showing greater environmental care than modern societies. The find is considered one of the most significant archaeological discoveries in the region.
Emira D'Spain, a 29-year-old fashion content creator, has made her reality TV debut on Bravo's Next Gen NYC. The influencer had long planned a transition from online platforms to television and is now making waves on the Bravo network. The profile traces her journey from social media fame to the small screen.
Daniel Castellani, a former head coach of the Polish men's volleyball national team, has died at the age of 65. The news reached Poland on Thursday evening. Marcin Możdżonek, a former Polish volleyball player and advisor to Karol Nawrocki, paid tribute: "For the volleyball world, it's the loss of a brilliant coach, but for me personally — the loss of someone far more important."
SpaceX shares have lost momentum following their blockbuster market debut, but the company is set to enter major stock indexes soon. That will trigger billions of dollars in automatic buying from passive funds, creating strong upward pressure on the stock. This sets up a direct collision between index-driven buyers and short sellers betting against Elon Musk's newest public company.
Nayef Samaro, a 25-year-old Palestinian, was killed during an Israeli military raid on Nablus in the occupied West Bank as he was preparing to go to the hospital for the birth of his first son. His family was left to grieve his death while simultaneously welcoming a newborn child. The incident occurred amid ongoing Israeli military operations in the West Bank.
Samsung has announced it will begin charging for access to the SmartThings API, which has previously been available for free. The change will affect developers and companies that integrate their products with Samsung's smart home ecosystem. Specific pricing details were not disclosed in the announcement.
Dr Jacek Koprowicz, a psychiatrist, describes a deepening mental health crisis in Poland driven by chronic overwork and overstimulation. His patients typically hold two jobs, raise children and wake at 6 a.m. with overwhelming daily schedules, then complain of poor sleep and inability to concentrate. The doctor argues the root cause is not medical but a fundamentally unsustainable way of life.
Brands have released a wave of Pride 2026 collections featuring vinyl records, graphic tees and thoughtful tributes to LGBTQ+ landmarks. A curated list highlights the ten standout collaborations still available to shop before June ends.
The tradition of mowing lawns dates back centuries to Europe, where neatly trimmed grass was a luxury reserved for the wealthiest landowners. What began as a status symbol has evolved into a widespread modern practice. The article explores the historical and cultural roots of this everyday habit.
Critical Role has announced changes to the format of Campaign 4, which was originally set to use a West Marches structure with three rotating tables of players. The creators have decided to modify this setup earlier than expected, departing from the initial concept for the show's Aramán storyline. Full details of the new approach were not revealed.
The US men's national soccer team has advanced to the Round of 32 at the FIFA World Cup, boosting the prize money available to each player. FIFA's prize pool increases at each stage, meaning deeper runs yield significantly higher individual earnings. The exact per-player amount depends on how far the team progresses in the tournament.
What's wrong?
Comments
Loading…
Swipe up
⚡
You're all caught up
You've seen all the latest stories. Check back later for more.
Comments
No comments yet — be the first to weigh in 👇
No comments yet. Be the first!