In a nutshell: Malware can bypass AI-based security analysis through deliberately embedded fake error messages and prompt injections.
A newly discovered macOS malware called “Gaslight” uses embedded prompt-injection strings and fake debug data to deceive AI-powered malware analysis tools. This represents a new attack vector specifically targeting automated security analysis infrastructure.
The “Gaslight” malware was constructed to deliberately mislead AI analysis tools. It contains prompt-injection strings and artificial debug outputs embedded in the executable. These techniques are designed to confuse automated analysis tools and thus make malware detection more difficult.
For security operations, this means that purely AI-based or automated malware analysis is insufficient. Attackers can now deliberately employ techniques to deceive common LLM-based analysis tools—similar to adversarial attacks in other contexts. This demonstrates that AI assistants for security analysis are not immune to social engineering or targeted disinformation.
CISOs should take this development into account when evaluating their security tools and ensure that AI-powered analysis does not function as the sole control mechanism. A combination of AI tools, static analysis, and human expertise remains necessary to detect such evasion techniques.
Source: www.bleepingcomputer.com · Published 25 June 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification via Lumi News Pipeline v1.7.1.