The newly discovered Gaslight malware for macOS highlights an emerging shift in attacker tradecraft: instead of only evading traditional security tools, threat actors are beginning to manipulate AI-assisted analysis itself. By embedding prompt injection techniques designed to mislead or halt LLM-powered malware analysis, attackers are testing how much security teams rely on AI during incident response. As AI becomes more deeply integrated into defensive workflows, organizations will need to treat AI systems as another attack surface, requiring validation, oversight, and resilience against manipulation.
You can find out more details here: New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis
Gidi Cohen, CEO & Co-founder, Bonfy.AI
“Gaslight is a glimpse of where AI‑aware malware is headed—and a reminder that securing the data plane now matters as much as securing endpoints and sandboxes.
This Rust‑based macOS implant doesn’t just steal data and maintain a Telegram‑based C2 channel; it also embeds prompt‑injection content specifically designed to confuse LLM‑assisted analysis pipelines, flooding them with fabricated “system failure” messages to get automated triage to abort or mis‑report. In other words, the malware is actively targeting the AI tools defenders rely on, trying to shape what those systems “see” and how they respond.
For organizations, this means two things. AI‑assisted security workflows need explicit defenses against adversarial content, with clear separation between untrusted artifact data and trusted system messages. And because attackers are gaining more ways to mislead or bypass detection, enterprises must assume that traditional controls will be defeated more often—and ensure they have strong, contextual protection for sensitive data across email, SaaS apps, collaboration tools, and AI systems, so that even when malware slips through or “gaslights” the tools, the blast radius for critical information stays small.”
That should bust any myth that macOS is immune from malware. But realistically, you need to protect every device all the time regardless of OS. Otherwise bad things will happen.
UPDATE: Toghrul Tahirov, Head of AI Governance, Polygraf AI adds this:
“Gaslight is not a sandbox evasion technique. It is a social engineering attack aimed at an AI analyst.
The implant is standard North Korean tradecraft: Telegram C2, Python infostealer, Keychain harvesting. I am specifically amazed that what SentinelOne found is embedded inside it. There are 38 fabricated system messages engineered to convince an LLM-assisted triage agent that its own session is collapsing. They have thought this out! Fake token expiry. Fake OOM kills. Bogus injection warnings. Not to hide from the agent. To make it quit before finishing the job.
We don’t see any architectural separation. A fabricated system message and a real one that look identical to the model. That is not a prompt engineering problem. It is a fundamental design constraint, and adversaries are figuring out how to weaponize it against defenders. And see how fast they are productizing it.
The moment you put an AI agent into your pipeline, that agent becomes a part of your attack surface. Gaslight is the first field sample that treats it explicitly as one.
One can not just handle this sort of issue with a more capable model. Enforcement and security has to happen at the input boundary, kind of stand alone proxy environment, before untrusted content reaches the reasoning layer. That is the problem Polygraf’s AI Behavioral Control Plane addresses.”
Samsung and Canada Soccer Team Up to Redefine the Modern Soccer Fan Experience
Posted in Commentary with tags Samsung on June 26, 2026 by itnerdSoccer is having a moment in Canada, and fans are finding more ways than ever to follow the sport they love. Whether they’re streaming matches on the go, capturing celebrations from the stands or following along in group chats, they need smartphones that can keep up before, during and after the final whistle.
As the Official Mobile Partner of Canada Soccer, Samsung Electronics Canada is helping soccer enthusiasts stay closer to the action through Galaxy S26 Ultra smartphones and experiences designed to fuel the modern fan journey.
As part of the partnership with Canada Soccer, Samsung Electronics Canada is showcasing Galaxy experiences at Canada Soccer House in Toronto, where fans can enjoy hands-on access to some of the latest Galaxy S26 Ultra features. Visitors will have the opportunity to explore capabilities such as 100x Space Zoom[1], which captures the finest details from a distance, and Horizontal Lock[2], which creates smooth, stable video recordings even in dynamic environments.
This Galaxy experience highlights how Samsung can help fans create content worth keeping and revisiting. Capturing images from across the stadium or recording a boisterous goal celebration without the shake and blur that often comes with the moment, Galaxy S26 Ultra devices help fans preserve match-day memories with confidence.
For today’s supporters, maximizing the fan experience extends well beyond the stadium. Smartphones have become the primary way for many Canadians to stream match highlights between meetings, follow live updates during a commute or share content across social channels.
At Canada Soccer House and beyond, Samsung is demonstrating how Galaxy smartphones support fans at every stage and every form of fandom. The advanced camera technology on the Galaxy S26 Ultra helps fans capture the action with clarity, while immersive displays and powerful performance make it easier to watch, share and engage with content from virtually anywhere.
As soccer culture continues to grow across the country, Samsung remains committed to helping Canadians stay connected to the moments, communities and experiences that make the sport special.
To learn more about Samsung’s Galaxy S26 Ultra and other devices, visit https://samsung.com/ca/.
Leave a comment »