Jamf, which specializes in managing and securing Apple at work, today released its Security 360 Report, separated into analyses for mobile and macOS environments.
The report spotlights the risks organizations are facing and offers insights for security leaders to consider when protecting their organizations at the user, device, application and network levels.
“Our goal with this research is to inform security leaders about the risks impacting their organizations – whether those risks impact Mac or mobile – and provide tangible recommendations for safeguarding their organizations against increasingly sophisticated attacks,” said Josh Stein, vice president of Product Strategy at Jamf.
“Age-old threats like phishing remain extremely prevalent and cannot be overlooked…nor can threats skyrocketing in
popularity like infostealers. Jamf remains deeply committed to continuous threat research to not only protect our customers but also contribute valuable insights to the broader security community.”
Threat trends facing mobile environments
For many employees, mobile devices are the sole devices used at work. Regardless of occupation, the modern workplace is about empowering employees to connect from anywhere, at any time and on any device. This requires raising awareness about the most pervasive threats facing mobile devices and taking tangible steps to keep bad actors at bay.
Jamf’s mobile device threat analysis is structured into four categories found to be the highest priorities for organizations worldwide.
Mobile phishing
With mobile devices keeping us connected everywhere, attackers’ reach continues to expand. Over 12 months, Jamf odentified approximately 10 million phishing attacks, discovered that 25% of organizations were impacted by a social engineering attack, and 1 in 10 users clicked on a malicious phishing link. Training programs can be extremelyvaluable in mitigating phishing attacks, as can adopting a layered approach with zero-trust methodology.
Vulnerability management
Jamf discovered that 32% of organizations operate at least one device with critical vulnerabilities and 55.1% of mobile devices used at work are running on a vulnerable operating system (OS). Both Apple and Google routinely provide security updates to patch known vulnerabilities, and the best way to mitigate damage is to update devices accordingly.
Application risk and malware
Earlier this year, Jamf published research on a Transparency, Consent and Control (TCC) bypass vulnerability affecting iOS devices and published a demonstration of how a “sideloaded” app (an app from a third-party app store) can infringe on users’ privacy. Jamf says the harsh reality is that using the latest OS is still not enough to protect your organization – good security practices must extend to the application layer as well.
Malware and spyware
High-profile users such as journalists, politicians and diplomats are often targeted by mercenary spyware attacks. Just last year, Apple sent notices of spyware compromise to users in approximately 100 countries. While malware is not as pervasive on mobile devices, when discovered, it is found to be extremely advanced and targeted. Organizations must treat mobile like every other endpoint and avoid getting complacent about the threat of mobile malware, according to Jamf.
Threat trends facing macOS environments
What began as a machine for executives and creatives is becoming increasingly ingrained into the daily operations of enterprises across all industries worldwide. The threat landscape
for Mac is more diverse than ever, and bad actors are only getting more creative with their attack methodologies. Jamf’s Mac threat report analyzes the threat landscape affecting Macs and organizes the findings into three main categories:
Application risk and malware
Jamf discovered that info stealers accounted for 28.36% of all Mac malware Jamf examined, skyrocketing from accounting for just 0.25% in last year’s report. Jamf’s research is aligned
with these findings. Employees of organizations in high-profile industries (like crypto), must remain vigilant from both a training and security tool standpoint.
Vulnerability management
Jamf Threat Labs has dispelled the myth that Mac is invincible multiple times, including just last year when the team discovered a vulnerability in Gatekeeper, a crucial componentblocking apps downloaded from the internet that don’t have a valid developer ID. Having the right controls and training is crucial for mitigating risks caused by vulnerabilities on macOS.
Social engineering
With Macs becoming more common at work, the attack surface continues to expand. Phishing is typically thought of as email-specific, which is far from the truth. In fact, Jamf
Threat Labs published research discussing a campaign from the Democratic People’s Republic of Korea (DPRK) that uses LinkedIn messaging as an initial lure. Training employees in the various forms of phishing that can impact the Mac environment is critical for avoiding fallout.
Methodology
Jamf examined 1.4 million devices protected by Jamf. The snalysis was carried out in the first quarter of 2025, revisiting the prior 12-month period and spanning globally across 90
countries and multiple platforms – specifically, iOS and iPadOS and Android devices for mobile as well as Macs. The analysis in this report is informed by Jamf’s Threat Intelligence, a broad collection of insights that are derived from original threat research, real-world usage metrics, along with news analysis and data feeds.
