Arin Waichulis

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Since rising to prominence in 2023, AMOS (Atomic macOS Stealer) has become the most notorious infostealer targeting the Apple ecosystem. The malware, designed to quietly pull all sorts of sensitive information from macOS systems, is a household name among security researchers, journalists, and maybe even victims.

But now, Moonlock, the cybersecurity division of MacPaw, says it’s been tracking a new threat actor with an infostealer gaining popularity in the veiled corners of darknet forums. In this week’s Security Bite, I discuss this interesting new emerging threat and how it’s shaking up the broader macOS landscape.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

The US-based security software firm Malwarebytes recently published a new study that attempts to settle the long-running iPhone vs. Android debate. This time, the focus isn’t on speed or camera quality, but on which users are safer online, including who takes more risks, who is less cautious, and who is more likely to fall for scams. The results are pretty surprising, but I think the real reason behind them has less to do with tech and more to do with behavior.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’ve recently fallen into the rabbit hole of lesser-known Terminal features. These past months, I covered everything from enabling Touch ID for sudo authentication to cleaning up public Wi-Fi connections stored on your Mac. I want to share even more neat features you probably didn’t know Terminal could do. These can be helpful if you’re an everyday Mac user or managing an enterprise fleet. Now, allow me to elevate your command-line prowess further.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

It’s the same early-day digital scareware we’ve all seen before: “Your iPhone is infected with (310) viruses. Click here to remove them.” These pop-ups, seemingly always 280p quality and slapped together with stock graphics from a different reality, usually appear on shady websites as malicious ads or junk software, urging people to install a “fix” or be doomed. But one was recently spotted running as an ad on YouTube for a sketchy iPhone clean up app.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

In a Bluetooth Impersonation Attack (or BIAS), hackers can exploit weaknesses in the Bluetooth protocol to impersonate a trusted device. “BOSE QC Headphones” in the Bluetooth menu could be a low-orbiting ion cannon waiting for an end-user to connect to it before unleashing all sorts of damage.

This week, I want to again share how hackers can use Flipper Zero to send sneaky keystrokes to a Mac if a victim connects to a potentially malicious Bluetooth device. This isn’t going to be a complete tutorial since there are tons of guides out there already. Instead, I want to point out how easy it is to pull this off, to make you a bit more paranoid.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Each year, Jamf—the popular Apple device management platform—releases its Security 360: Annual Trends Report, which gives a broad outlook of the macOS threat landscape currently facing businesses and users. The analysis uses anonymized real-world data collected from 1.4 million Macs across 90 countries with Jamf software installed.

Today, Jamf is out with its 2025 edition, which spans the previous 12 months. The report offers many shocking insights, most notably a 28% spike in infostealer malware, making it the leading Mac malware family type.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Earlier this week, during its annual WWDC keynote, Apple unveiled a slew of headline features like Liquid Glass, a new Games app, and Visual Intelligence, as well as two major spam protection tools coming to iOS 26 this fall. While I was a little disappointed in the lack of new security or even privacy features, these new tools will change the game for users who receive annoying spam calls and messages on the daily. Here’s how they work.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

It’s no secret that AI is improving the way scammers operate. Phishing texts are more convincing than ever, and malicious emails can look legitimate for longer than just a glance. Attackers are getting smarter about how they trick people into handing over money or personal info. But the good guys are getting better, too.

Earlier this week, Malwarebytes, best known for its real-time anti-malware protection software, launched a new AI-powered feature aimed specifically at mobile scams. I’ve been testing it out for the past few days. Here’s how it works and my quick thoughts on it.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

We’re officially just over a week away from WWDC 2025. While we expect big design enhancements and much-needed Apple Intelligence improvements to iOS, Apple has the opportunity to do something it’s quite good at: flexing its privacy prowess.

Apple introduced app privacy labels to help people better understand what data an app may collect, including what data is linked to them or used to track them across the web. When released back in 2020, the labels set a precedent in the industry and were a major first step in raising awareness of privacy-invasive apps. It became easy for users to compare something like Signal, which collects virtually no user data at all, and Facebook Messenger, which gobbles up anything and everything it can. The feature set out to help users make informed downloads.

However, in recent years, I have seen a growing conversation around whether these entirely self-reported labels located further down on the application’s App Store page still impact the user’s decision before hitting “Get” to install.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Since Apple launched its M-series processors and recently the C1 cellular modem, the company has been slowly but surely moving toward complete chip independence. Apple is even working on its own Bluetooth and Wi-Fi solution, which is reportedly coming with new Home products and the iPhone 17 lineup in the Fall.

One obvious benefit of developing chips in-house is energy efficiency. Apple toated this with the introduction of Apple Silicon what feels like a hundred years ago, and with its latest C1 modem, which gives the iPhone 16e nearly 20% better battery life over the flagship iPhone 16. While improved battery life is certainly appealing, there are less obvious and possibly more significant benefits of Apple having end-to-end control over both the software and hardware components.

This is Security Bite, where I share insights on data privacy, vulnerabilities, or emerging threats within Apple’s vast ecosystem of over 2 billion active devices each week.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

This year marks the 25th anniversary of the FBI’s Internet Crime Complaint Center, or IC3 for short. Since its inception in 2000, the organization has released an annual report detailing trends based on the thousands of cybercrime complaints it receives daily from victims. This week, the FBI released its 2024 Internet Crime Report, revealing a record $16.6 billion in reported losses—a 33% increase and “a new record for losses reported to IC3.”

If there’s one thing this report highlights best, it’s that humans are more vulnerable than machines.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’ve recently found myself down the rabbit hole of lesser-known Terminal features. These past months, I covered everything from enabling Touch ID for sudo authentication to cleaning up public Wi-Fi connections stored on your Mac. But this past week, I journeyed deeper and found even more neat features you probably didn’t know Terminal could do, and I’m not talking ping command here. In this edition of Security Bite, allow me to elevate your command line prowess further.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

For years, macOS security developers and researchers have urged Apple to add TCC events to the Endpoint Security (ES) framework. Doing so would allow them to directly trace a TCC request to the specific application (or malware) that triggered it. This could allow third-party security tools to offer real-time protection around permission requests.

The good news? Apple is finally making this happen in macOS 15.4.

The bad news? It’s rough around the edges right now.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

For years, Apple offered its built-in Keychain password management tool tucked away in the Settings app, allowing users to automatically generate and save passwords—but quickly managing specific logins could often feel tedious. With iOS 18, iPadOS 18, and macOS Sequoia, Apple introduced the standalone Passwords app in an effort to make credential management more convenient. Still, many are skeptical about whether the new app has enough features to compete with paid password managers—or if that’s even Apple’s goal.

In iOS 18, Apple spun off its Keychain password management tool—previously only tucked away in Settings—into a standalone app called Passwords. It was the company’s first move at making credential management more convenient for users. It’s now been revealed that a serious HTTP bug left Passwords users vulnerable to phishing attacks for nearly three months, from the initial release of iOS 18 until the patch in iOS 18.2.

Whether you own a Mac personally or manage a fleet with enterprise endpoint software like Mosyle, there’s a good chance you have scores of old unsecured wireless networks saved—Wi-Fi points that don’t require authentication. Common places where users connect and save these networks could be Starbucks (often “Starbucks WiFi”) and airports (like “Airport Guest”).

So, the risk? Attackers can exploit this by setting up rogue access points with the same SSIDs, tricking your device into connecting automatically. To prevent spoofing attacks like this, you can automate the removal of common SSIDs using the following script below!

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

One of the greatest benefits of Touch ID on Mac is rarely having to type your password when making purchases, signing into apps, and, of course, unlocking the device. It might be ancient technology to the iPhone at this point, but it continues to be a default luxury on Mac. If you frequent Terminal, you’ll be glad to know you can also authenticate as administrator with Touch ID for all the sudo goodness with one tap.

Imagine you’re on your way to dinner, walking down a decently busy street during the day. You’re using your new iPhone 16 Pro for directions before, out of nowhere, a masked individual on an e-bike whips around to your side and snatches your Desert Titanium baby and zooms off. All in seconds. This sounds like a one-off insane situation, but this is precisely what happened to Dimitar Stanimiroff last week in London, England. And he’s not alone…

The most recent statistics say a phone is stolen on average every 6 minutes in London, or about 64,000 annually. It’s so common that the City of London Police deployed special task forces to snuff out these gangs and even had to publish a blog post explaining how to protect your mobile device in public.

Over the years, Apple has made impressive strides in implementing anti-theft measures like Activation Lock and inadvertent “parts pairing” rules. These features and others are meant to deter thieves and minimize situations like Stanimiroff’s. Is it enough?

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Tired of hearing about DeepSeek yet? The China-based LLM chatbot beached itself onto the scene this week, dominating the tech news cycle and even taking #1 on the App Store, where it still sits as of writing. However, its rapid popularity has led to a wave of new phishing campaigns, investment scams, and macOS malware disguised as real DeepSeek applications. Here’s the latest.

You’re reading 9to5Mac Security Bite, where each week, I share insights on data privacy, discuss the latest vulnerabilities, and shed light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices.

On this day 41 years ago, Apple’s first Macintosh went on sale, just two days after being introduced to the world during a commercial break in the third quarter of Super Bowl XVIII. Although “1984” became a cultural phenomenon and a watershed moment for product launches, Apple’s Board of Directors was against it from the start. Here’s how the legendary ad almost didn’t air…