Apple device management firm Mosyle has uncovered the first known AI-assisted macOS malware campaign, marking a significant shift in cyber threats targeting Apple computers. The newly identified crypto-mining malware contains code generated by large language models (LLMs), confirming long-held security industry fears about AI weaponization. According to Mosyle, this sophisticated threat evaded detection by all major antivirus engines at the time of discovery.

This development validates warnings issued nearly a year prior by Moonlock Lab, which monitored dark web discussions regarding threat actors utilizing LLMs to write malicious code targeting macOS. While crypto miners are not new to the platform, the use of generative AI to automate and obfuscate malware creation represents a dangerous escalation. This incident highlights a growing vulnerability in endpoint security, as traditional signature-based detection struggles to identify AI-generated polymorphic code.

Mac users and enterprise administrators must now prepare for an era where malware evolves faster than conventional defense mechanisms.