THREATOPS
THREAT OPSThreat News › macOS Gaslight Backdoor Weaponizes Prompt Injection Against Security Analysts

macOS Gaslight Backdoor Weaponizes Prompt Injection Against Security Analysts

lowduo_decipherPublished 2026-06-24

<p class="wp-block-paragraph">Researchers have uncovered a clever new macOS implant called Gaslight that introduces a novel evolution in attacker tradecraft by utilizing prompt injection to target security analysts and LLM-assisted triage tools rather than just the sandbox environment.&nbsp;</p>

<p class="wp-block-paragraph">Gaslight is a Rust-based backdoor that researchers from SentinelOne ha

MITRE ATT&CK techniques

Original source: https://decipher.sc/2026/06/24/macos-gaslight-backdoor-weaponizes-prompt-injection-against-security-analysts/