Security Bite

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Earlier this year, Apple announced that it was leading the charge on a cross-industry effort to bring end-to-end encryption (E2EE) to the RCS Universal Profile, which is published by the GSMA. Apple told 9to5Mac in March it would come to the iPhone in a future software update. Google soon after jumped in, stating it too was ‘committed to providing a secure messaging experience.’

I didn’t think it was completely unreasonable to assume we’d see this showcased at WWDC 2025…that didn’t happen. Then I thought maybe in one of the iOS 26 betas? Also nothing. So, what happened to cross-platform E2EE for RCS messaging? Is it still coming?

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Earlier this month, Moonlock, the cybersecurity division of MacPaw, released its Mac Security Survey 2025. It surveyed nearly 2,000 macOS users about their habits, concerns, and overall perceptions of cybersecurity on Mac. Most notably, the findings reveal an interesting shift in how Mac users perceive malware and the overall strength of Apple’s defenses.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

If you upgraded to iOS 26, you know the design changes and visual overhaul of Liquid Glass are undeniably impressive. But from a security perspective, one feature in particular has piqued my interest and seemingly gone under the radar: a new permission setting for wired accessories. This overlooked feature could be one of the most practical defenses Apple has shipped in years.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

If you’re reading this week’s Security Bite on your desktop, look closely at your browser’s address bar. Notice how the main (root) domain is bolder, while the rest of the URL is a lighter grey? This is not an accident, it’s a purposly implemented psychological trick called salience bias. This little design choice has protected users from phishing attacks for over a decade.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

In an earlier edition of Security Bite, I predicted that Apple would finally announce end-to-end encryption (E2EE) to the RCS Universal Profile at WWDC 2025. That didn’t happen, but Apple did introduce two nice spam-protection tools along with a series of smaller updates designed to make the iPhone safer for everyone. Now that iOS 26 is basically in its final form ahead of wide release in tandem with the launch of iPhone 17, here’s a rundown of my favorite privacy features.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Malware has been a persistent threat since the first virus appeared in 1982 as a prank on Apple II computers. And malware is here to stay, but not because cybercriminals and nation-states are clever (they are), but because it’s mathematically impossible to stop it.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

TikTok has been found selling GPS trackers through its Shop feature that are being marketed by viral videos explicitly encouraging secretly tracking a romantic partner. What’s most alarming is that these videos have millions of views, and metrics show that over a hundred thousand have been sold.

I usually reserve Security Bite for digital security topics, but this discovery was too riveting to ignore. As first reported by 404 Media, the trackers are being compared to Apple AirTags—but for the wrong reasons…

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Since rising to prominence in 2023, AMOS (Atomic macOS Stealer) has become the most notorious infostealer targeting the Apple ecosystem. The malware, designed to quietly pull all sorts of sensitive information from macOS systems, is a household name among security researchers, journalists, and maybe even victims.

But now, Moonlock, the cybersecurity division of MacPaw, says it’s been tracking a new threat actor with an infostealer gaining popularity in the veiled corners of darknet forums. In this week’s Security Bite, I discuss this interesting new emerging threat and how it’s shaking up the broader macOS landscape.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

The US-based security software firm Malwarebytes recently published a new study that attempts to settle the long-running iPhone vs. Android debate. This time, the focus isn’t on speed or camera quality, but on which users are safer online, including who takes more risks, who is less cautious, and who is more likely to fall for scams. The results are pretty surprising, but I think the real reason behind them has less to do with tech and more to do with behavior.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’ve recently fallen into the rabbit hole of lesser-known Terminal features. These past months, I covered everything from enabling Touch ID for sudo authentication to cleaning up public Wi-Fi connections stored on your Mac. I want to share even more neat features you probably didn’t know Terminal could do. These can be helpful if you’re an everyday Mac user or managing an enterprise fleet. Now, allow me to elevate your command-line prowess further.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Let’s say you have screenshots of sensitive information sitting on your desktop that you’d like to password protect. You know that images of tax, banking, wire transfer forms, etc. in the clear can easily be viewed by anyone with physical or remote access to your machine, but you’re unsure how to secure them. Unfortunately, macOS Preview doesn’t support file-level password protection, but there are quick workarounds that don’t require third-party software or downloading anything not already on your Mac.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

It’s the same early-day digital scareware we’ve all seen before: “Your iPhone is infected with (310) viruses. Click here to remove them.” These pop-ups, seemingly always 280p quality and slapped together with stock graphics from a different reality, usually appear on shady websites as malicious ads or junk software, urging people to install a “fix” or be doomed. But one was recently spotted running as an ad on YouTube for a sketchy iPhone clean up app.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

In a Bluetooth Impersonation Attack (or BIAS), hackers can exploit weaknesses in the Bluetooth protocol to impersonate a trusted device. “BOSE QC Headphones” in the Bluetooth menu could be a low-orbiting ion cannon waiting for an end-user to connect to it before unleashing all sorts of damage.

This week, I want to again share how hackers can use Flipper Zero to send sneaky keystrokes to a Mac if a victim connects to a potentially malicious Bluetooth device. This isn’t going to be a complete tutorial since there are tons of guides out there already. Instead, I want to point out how easy it is to pull this off, to make you a bit more paranoid.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Each year, Jamf—the popular Apple device management platform—releases its Security 360: Annual Trends Report, which gives a broad outlook of the macOS threat landscape currently facing businesses and users. The analysis uses anonymized real-world data collected from 1.4 million Macs across 90 countries with Jamf software installed.

Today, Jamf is out with its 2025 edition, which spans the previous 12 months. The report offers many shocking insights, most notably a 28% spike in infostealer malware, making it the leading Mac malware family type.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Earlier this week, during its annual WWDC keynote, Apple unveiled a slew of headline features like Liquid Glass, a new Games app, and Visual Intelligence, as well as two major spam protection tools coming to iOS 26 this fall. While I was a little disappointed in the lack of new security or even privacy features, these new tools will change the game for users who receive annoying spam calls and messages on the daily. Here’s how they work.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

It’s no secret that AI is improving the way scammers operate. Phishing texts are more convincing than ever, and malicious emails can look legitimate for longer than just a glance. Attackers are getting smarter about how they trick people into handing over money or personal info. But the good guys are getting better, too.

Earlier this week, Malwarebytes, best known for its real-time anti-malware protection software, launched a new AI-powered feature aimed specifically at mobile scams. I’ve been testing it out for the past few days. Here’s how it works and my quick thoughts on it.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

We’re officially just over a week away from WWDC 2025. While we expect big design enhancements and much-needed Apple Intelligence improvements to iOS, Apple has the opportunity to do something it’s quite good at: flexing its privacy prowess.

Apple introduced app privacy labels to help people better understand what data an app may collect, including what data is linked to them or used to track them across the web. When released back in 2020, the labels set a precedent in the industry and were a major first step in raising awareness of privacy-invasive apps. It became easy for users to compare something like Signal, which collects virtually no user data at all, and Facebook Messenger, which gobbles up anything and everything it can. The feature set out to help users make informed downloads.

However, in recent years, I have seen a growing conversation around whether these entirely self-reported labels located further down on the application’s App Store page still impact the user’s decision before hitting “Get” to install.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

This year marks the 25th anniversary of the FBI’s Internet Crime Complaint Center, or IC3 for short. Since its inception in 2000, the organization has released an annual report detailing trends based on the thousands of cybercrime complaints it receives daily from victims. This week, the FBI released its 2024 Internet Crime Report, revealing a record $16.6 billion in reported losses—a 33% increase and “a new record for losses reported to IC3.”

If there’s one thing this report highlights best, it’s that humans are more vulnerable than machines.

Ever wonder what malware macOS can detect and remove without help from third-party software? Apple continuously adds new malware detection rules to Mac’s built-in XProtect suite. While most rule names (signatures) are obfuscated, with a bit of reversing engineering, security researchers can map them to their common industry names.

In this edition of 9to5Mac Security Bite, I revisit a story I started working on in May of 2024. Because Apple is continuously adding new modules to its XProtect suite to combat the latest malware trends, I suspect this column will continue to update over time. Here’s what malware your Mac can detect and remove on its own:

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’ve recently found myself down the rabbit hole of lesser-known Terminal features. These past months, I covered everything from enabling Touch ID for sudo authentication to cleaning up public Wi-Fi connections stored on your Mac. But this past week, I journeyed deeper and found even more neat features you probably didn’t know Terminal could do, and I’m not talking ping command here. In this edition of Security Bite, allow me to elevate your command line prowess further.