Arin Waichulis

After warning 9to5Mac last month about undetectable Mac malware hidden in a fake PDF converter site, Mosyle, a leader in Apple device management and security, has now uncovered a new infostealer. Dubbed ModStealer, the malware has remained invisible to all major antivirus engines since first appearing on VirusTotal nearly a month ago.

In details shared exclusively with 9to5Mac, Mosyle says ModStealer doesn’t just target macOS systems, but is cross-platform and purpose-built for one thing: stealing data.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

If you’re reading this week’s Security Bite on your desktop, look closely at your browser’s address bar. Notice how the main (root) domain is bolder, while the rest of the URL is a lighter grey? This is not an accident, it’s a purposly implemented psychological trick called salience bias. This little design choice has protected users from phishing attacks for over a decade.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

In an earlier edition of Security Bite, I predicted that Apple would finally announce end-to-end encryption (E2EE) to the RCS Universal Profile at WWDC 2025. That didn’t happen, but Apple did introduce two nice spam-protection tools along with a series of smaller updates designed to make the iPhone safer for everyone. Now that iOS 26 is basically in its final form ahead of wide release in tandem with the launch of iPhone 17, here’s a rundown of my favorite privacy features.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Malware has been a persistent threat since the first virus appeared in 1982 as a prank on Apple II computers. And malware is here to stay, but not because cybercriminals and nation-states are clever (they are), but because it’s mathematically impossible to stop it.

Mosyle, a leader in Apple device management and security, has exclusively revealed to 9to5Mac details on a new Mac malware strain, dubbed “JSCoreRunner”. The zero-day threat evaded all detections on VirusTotal at the time of discovery, spreading through a malicious PDF conversion site called fileripple[.]com to trick users into downloading what appears to be a harmless utility.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

TikTok has been found selling GPS trackers through its Shop feature that are being marketed by viral videos explicitly encouraging secretly tracking a romantic partner. What’s most alarming is that these videos have millions of views, and metrics show that over a hundred thousand have been sold.

I usually reserve Security Bite for digital security topics, but this discovery was too riveting to ignore. As first reported by 404 Media, the trackers are being compared to Apple AirTags—but for the wrong reasons…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Since rising to prominence in 2023, AMOS (Atomic macOS Stealer) has become the most notorious infostealer targeting the Apple ecosystem. The malware, designed to quietly pull all sorts of sensitive information from macOS systems, is a household name among security researchers, journalists, and maybe even victims.

But now, Moonlock, the cybersecurity division of MacPaw, says it’s been tracking a new threat actor with an infostealer gaining popularity in the veiled corners of darknet forums. In this week’s Security Bite, I discuss this interesting new emerging threat and how it’s shaking up the broader macOS landscape.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

The US-based security software firm Malwarebytes recently published a new study that attempts to settle the long-running iPhone vs. Android debate. This time, the focus isn’t on speed or camera quality, but on which users are safer online, including who takes more risks, who is less cautious, and who is more likely to fall for scams. The results are pretty surprising, but I think the real reason behind them has less to do with tech and more to do with behavior.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’ve recently fallen into the rabbit hole of lesser-known Terminal features. These past months, I covered everything from enabling Touch ID for sudo authentication to cleaning up public Wi-Fi connections stored on your Mac. I want to share even more neat features you probably didn’t know Terminal could do. These can be helpful if you’re an everyday Mac user or managing an enterprise fleet. Now, allow me to elevate your command-line prowess further.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

It’s the same early-day digital scareware we’ve all seen before: “Your iPhone is infected with (310) viruses. Click here to remove them.” These pop-ups, seemingly always 280p quality and slapped together with stock graphics from a different reality, usually appear on shady websites as malicious ads or junk software, urging people to install a “fix” or be doomed. But one was recently spotted running as an ad on YouTube for a sketchy iPhone clean up app.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

In a Bluetooth Impersonation Attack (or BIAS), hackers can exploit weaknesses in the Bluetooth protocol to impersonate a trusted device. “BOSE QC Headphones” in the Bluetooth menu could be a low-orbiting ion cannon waiting for an end-user to connect to it before unleashing all sorts of damage.

This week, I want to again share how hackers can use Flipper Zero to send sneaky keystrokes to a Mac if a victim connects to a potentially malicious Bluetooth device. This isn’t going to be a complete tutorial since there are tons of guides out there already. Instead, I want to point out how easy it is to pull this off, to make you a bit more paranoid.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Each year, Jamf—the popular Apple device management platform—releases its Security 360: Annual Trends Report, which gives a broad outlook of the macOS threat landscape currently facing businesses and users. The analysis uses anonymized real-world data collected from 1.4 million Macs across 90 countries with Jamf software installed.

Today, Jamf is out with its 2025 edition, which spans the previous 12 months. The report offers many shocking insights, most notably a 28% spike in infostealer malware, making it the leading Mac malware family type.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Earlier this week, during its annual WWDC keynote, Apple unveiled a slew of headline features like Liquid Glass, a new Games app, and Visual Intelligence, as well as two major spam protection tools coming to iOS 26 this fall. While I was a little disappointed in the lack of new security or even privacy features, these new tools will change the game for users who receive annoying spam calls and messages on the daily. Here’s how they work.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

It’s no secret that AI is improving the way scammers operate. Phishing texts are more convincing than ever, and malicious emails can look legitimate for longer than just a glance. Attackers are getting smarter about how they trick people into handing over money or personal info. But the good guys are getting better, too.

Earlier this week, Malwarebytes, best known for its real-time anti-malware protection software, launched a new AI-powered feature aimed specifically at mobile scams. I’ve been testing it out for the past few days. Here’s how it works and my quick thoughts on it.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

We’re officially just over a week away from WWDC 2025. While we expect big design enhancements and much-needed Apple Intelligence improvements to iOS, Apple has the opportunity to do something it’s quite good at: flexing its privacy prowess.

Apple introduced app privacy labels to help people better understand what data an app may collect, including what data is linked to them or used to track them across the web. When released back in 2020, the labels set a precedent in the industry and were a major first step in raising awareness of privacy-invasive apps. It became easy for users to compare something like Signal, which collects virtually no user data at all, and Facebook Messenger, which gobbles up anything and everything it can. The feature set out to help users make informed downloads.

However, in recent years, I have seen a growing conversation around whether these entirely self-reported labels located further down on the application’s App Store page still impact the user’s decision before hitting “Get” to install.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Since Apple launched its M-series processors and recently the C1 cellular modem, the company has been slowly but surely moving toward complete chip independence. Apple is even working on its own Bluetooth and Wi-Fi solution, which is reportedly coming with new Home products and the iPhone 17 lineup in the Fall.

One obvious benefit of developing chips in-house is energy efficiency. Apple toated this with the introduction of Apple Silicon what feels like a hundred years ago, and with its latest C1 modem, which gives the iPhone 16e nearly 20% better battery life over the flagship iPhone 16. While improved battery life is certainly appealing, there are less obvious and possibly more significant benefits of Apple having end-to-end control over both the software and hardware components.

This is Security Bite, where I share insights on data privacy, vulnerabilities, or emerging threats within Apple’s vast ecosystem of over 2 billion active devices each week.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

This year marks the 25th anniversary of the FBI’s Internet Crime Complaint Center, or IC3 for short. Since its inception in 2000, the organization has released an annual report detailing trends based on the thousands of cybercrime complaints it receives daily from victims. This week, the FBI released its 2024 Internet Crime Report, revealing a record $16.6 billion in reported losses—a 33% increase and “a new record for losses reported to IC3.”

If there’s one thing this report highlights best, it’s that humans are more vulnerable than machines.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’ve recently found myself down the rabbit hole of lesser-known Terminal features. These past months, I covered everything from enabling Touch ID for sudo authentication to cleaning up public Wi-Fi connections stored on your Mac. But this past week, I journeyed deeper and found even more neat features you probably didn’t know Terminal could do, and I’m not talking ping command here. In this edition of Security Bite, allow me to elevate your command line prowess further.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

For years, macOS security developers and researchers have urged Apple to add TCC events to the Endpoint Security (ES) framework. Doing so would allow them to directly trace a TCC request to the specific application (or malware) that triggered it. This could allow third-party security tools to offer real-time protection around permission requests.

The good news? Apple is finally making this happen in macOS 15.4.

The bad news? It’s rough around the edges right now.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

For years, Apple offered its built-in Keychain password management tool tucked away in the Settings app, allowing users to automatically generate and save passwords—but quickly managing specific logins could often feel tedious. With iOS 18, iPadOS 18, and macOS Sequoia, Apple introduced the standalone Passwords app in an effort to make credential management more convenient. Still, many are skeptical about whether the new app has enough features to compete with paid password managers—or if that’s even Apple’s goal.