Jamf unveils 2025 Security 360 Report: A strategic look at Mac and mobile security risks

HONG KONG SAR - Media OutReach Newswire - 19 June 2025 - Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, today released its Security 360 Report, separated into analyses for mobile and macOS environments. The report spotlights the risks organizations are facing and offers insights for security leaders to consider when protecting their organizations at the user, device, application and network levels.
'Our goal with this research is to inform security leaders about the risks impacting their organizations – whether those risks impact Mac or mobile – and provide tangible recommendations for safeguarding their organizations against increasingly sophisticated attacks,' said Josh Stein, VP of Product Strategy at Jamf. 'Age-old threats like phishing remain extremely prevalent and cannot be overlooked...nor can threats skyrocketing in popularity like infostealers. Jamf remains deeply committed to continuous threat research to not only protect our customers but also contribute valuable insights to the broader security community.'
Threat trends facing mobile environments
For many employees, mobile devices are the sole devices used at work. Regardless of occupation, the modern workplace is about empowering employees to connect from anywhere, at any time and on any device. This requires raising awareness about the most pervasive threats facing mobile devices and taking tangible steps to keep bad actors at bay.
Jamf's mobile device threat analysis is structured into four categories found to be the highest priorities for organizations worldwide.
Mobile phishing
With mobile devices keeping us connected everywhere, attackers' reach continues to expand. Over 12 months, Jamf identified approximately 10 million phishing attacks, discovered that 25% of organizations were impacted by a social engineering attack, and 1 in 10 users clicked on a malicious phishing link. Training programs can be extremely valuable in mitigating phishing attacks, as can adopting a layered approach with zero-trust methodology.
Vulnerability management
Jamf discovered that 32% of organizations operate at least one device with critical vulnerabilities and 55.1% of mobile devices used at work are running on a vulnerable operating system (OS). Both Apple and Google routinely provide security updates to patch known vulnerabilities, and the best way to mitigate damage is to update devices accordingly.
Application risk and malware
Earlier this year, Jamf published research on a Transparency, Consent and Control (TCC) bypass vulnerability affecting iOS devices and published a demonstration of how a 'sideloaded' app (an app from a third-party app store) can infringe on users' privacy. The harsh reality is that using the latest OS is still not enough to protect your organization – good security practices must extend to the application layer as well.
Malware and spyware
High-profile users such as journalists, politicians and diplomats are often targeted by mercenary spyware attacks. Just last year, Apple sent notices of spyware compromise to users in approximately 100 countries. While malware is not as pervasive on mobile devices, when discovered, it is found to be extremely advanced and targeted. Organizations must treat mobile like every other endpoint and avoid getting complacent about the threat of mobile malware.
Threat trends facing macOS environments
What began as a machine for executives and creatives is becoming increasingly ingrained into the daily operations of enterprises across all industries worldwide. The threat landscape for Mac is more diverse than ever, and bad actors are only getting more creative with their attack methodologies. Jamf's Mac threat report analyzes the threat landscape affecting Macs and organizes the findings into three main categories:
Application risk and malware
Jamf discovered that infostealers accounted for 28.36% of all Mac malware Jamf examined, skyrocketing from accounting for just 0.25% in last year's report. Jamf's research is aligned with these findings. Employees of organizations in high-profile industries (like crypto), must remain vigilant from both a training and security tool standpoint.
Vulnerability management
Jamf Threat Labs has dispelled the myth that Mac is invincible multiple times, including just last year when the team discovered a vulnerability in Gatekeeper, a crucial component blocking apps downloaded from the internet that don't have a valid developer ID. Having the right controls and training is crucial for mitigating risks caused by vulnerabilities on macOS.
Social engineering
With Macs becoming more common at work, the attack surface continues to expand. Phishing is typically thought of as email-specific, which is far from the truth. In fact, Jamf Threat Labs published research discussing a campaign from the Democratic People's Republic of Korea (DPRK) that uses LinkedIn messaging as an initial lure. Training employees in the various forms of phishing that can impact the Mac environment is critical for avoiding fallout.
Methodology
Jamf examined 1.4 million devices protected by Jamf. The analysis was carried out in the first quarter of 2025, revisiting the prior 12-month period and spanning globally across 90 countries and multiple platforms – specifically, iOS and iPadOS and Android devices for mobile as well as Macs. The analysis in this report is informed by Jamf's Threat Intelligence, a broad collection of insights that are derived from original threat research, real-world usage metrics, along with news analysis and data feeds.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

The Star

10 hours ago

• The Star

Apple sued by shareholders for allegedly overstating AI progress

FILE PHOTO: People walk past an Apple logo at an Apple store in Paris, France, April 23, 2025. REUTERS/Abdul Saboor/File photo (Reuters) -Apple was sued on Friday by shareholders in a proposed securities fraud class action that accused it of downplaying how long it needed to integrate advanced artificial intelligence into its Siri voice assistant, hurting iPhone sales and its stock price. The complaint covers shareholders who suffered potentially hundreds of billions of dollars of losses in the year ending June 9, when Apple introduced several features and aesthetic improvements for its products but kept AI changes modest. Apple did not immediately respond to requests for comment. CEO Tim Cook, Chief Financial Officer Kevan Parekh and former CFO Luca Maestri are also defendants in the lawsuit filed in San Francisco federal court. Shareholders led by Eric Tucker said that at its June 2024 Worldwide Developers Conference, Apple led them to believe AI would be a key driver of iPhone 16 devices, when it launched Apple Intelligence to make Siri more powerful and user-friendly. But they said the Cupertino, California-based company lacked a functional prototype of AI-based Siri features, and could not reasonably believe the features would ever be ready for iPhone 16s. Shareholders said the truth began to emerge on March 7 when Apple delayed some Siri upgrades to 2026, and continued through this year's Worldwide Developers Conference on June 9 when Apple's assessment of its AI progress disappointed analysts. Apple shares have lost nearly one-fourth of their value since their December 26, 2024 record high, wiping out approximately $900 billion of market value. The case is Tucker v. Apple Inc et al, U.S. District Court, Northern District of California, No. 25-05197. (Reporting by Jonathan Stempel in New York; Editing by Mark Porter and Rod Nickel)

The Sun

a day ago

• The Sun

CoolThink@JC × Cambodia Sharing and Exchange Programme MoU Signed to Advance Computational Thinking in Country's Schools

HONG KONG SAR - Media OutReach Newswire - 20 June 2025 - The CoolThink@JC programme, initiated and funded by The Hong Kong Jockey Club Charities Trust, signed a Memorandum of Understanding (MoU) with Cambodia's Ministry of Education, Youth and Sport at Sha Tin Racecourse in Hong Kong on 18 June. Under the MoU, titled 'CoolThink@JC × Cambodia Sharing and Exchange Programme', the ministry will adopt and adapt CoolThink@JC's internationally recognised curriculum and innovative education model in Cambodian primary schools. It will also foster collaboration through experience sharing between the educational systems of Hong Kong and Cambodia. The aim is to ensure that students from diverse backgrounds have equitable access to quality computational thinking education, thus nurturing future-ready talent for the digital age. The Ministry of Education, Youth and Sport plans to introduce CoolThink@JC's curricular materials and successful experiences in 100 public schools in Cambodia, benefiting approximately 30,000 students and 500 teachers, from 2025 to 2028. By enhancing students' computational thinking and problem-solving skills, the initiative can help to bridge the digital divide and open a new chapter in the development of Cambodia's education system. As an ASEAN member state participating in the Belt and Road Initiative, Cambodia plans to share this development at international platforms such as the 2026 Global Smart Education Conference in Beijing, further amplifying the programme's impact. By exploring both local and global educational perspectives and exchanging knowledge, educators from Hong Kong and Cambodia will collaborate to create better learning environments for Asian students. Translated teaching materials will also benefit ethnic minority students in Hong Kong, further promoting integrated education. Signing the MoU on behalf of Cambodia's Ministry of Education, Youth and Sport, Mr Sok Tha, Director of the ministry's Department of Digital Transformation, emphasised the significance of the CoolThink@JC programme in Cambodia's education system during the signing of the MoU. The collaboration with The Hong Kong Jockey Club Charities Trust on computational thinking education not only supports the Ministry in enhancing digital education but also aligns with the Royal Government of Cambodia's vision of producing qualified digital human resources. By integrating this program into classrooms, teachers can enhance their professional development, equipping themselves with the necessary skills to effectively incorporate technology into their teaching practices. This advancement benefits both teachers and students, improving student learning outcomes in the digital age. Through workshops and training sessions, teachers can refine their coding, problem-solving, and logical reasoning skills to better guide students. He is confident that implementing the program will enhance students' critical thinking, creativity, and innovation, leading to improved learning outcomes and better preparation for careers, especially in STEM fields and beyond. Ms Winnie Ying, Head of Charities (Youth Development & Poverty Alleviation; and Talent & Sector Development) of The Hong Kong Jockey Club Charities Trust, said: 'The CoolThink@JC programme has garnered wide international recognition, and its adoption by the Ministry of Education, Youth and Sport in Cambodia across 100 primary schools is a testament to its success and growing influence on the global stage. We are delighted to witness the establishment of the Association of Computational Thinking InnoCommunity Teachers by a group of passionate CoolThink teachers this year, facilitating experience sharing and professional exchange. Through collaboration and knowledge sharing, we aim to strengthen connections in education between Hong Kong, ASEAN and One Belt One Road regions, paving the way for high-quality, forward-looking education for the next generation. Together, we can drive innovation in education and shape a brighter future for our youth. The Club thanks the Education Bureau for its support in adopting and adapting CoolThink@JC and mainstreaming it in all publicly funded primary schools in Hong Kong.' CoolThink@JC: Advancing Computational Thinking Education Worldwide During his visit to Hong Kong, Mr Sok Tha was invited to join the first two days of the International Conference on Computational Thinking Education as a guest speaker and delivered a speech yesterday (19 June) at the conference. He remarked: 'In the post- pandemic era, the demand for digital education has been growing, and Cambodia's education system is undergoing a critical period of transformation. With comprehensive support from the government and related policies, Cambodia is dedicated to building a resilient, knowledge-based society founded on innovation, science and technology. We aim to comprehensively enhance the quality of education, sports, science and technology by integrating digital tools and STEM disciplines to equip students with crucial 21st-century skills. We look forward to our collaboration with The Hong Kong Jockey Club Charities Trust and CoolThink@JC, laying an educational foundation for Cambodia's youth towards a future-ready society.' CoolThink@JC created the International Conference on Computational Thinking Education (CTE) in 2016. Since 2021, it has provided support for the annual event to be held in different regions, attracting over 2,000 global education scholars, front-line teachers and IT professionals each year. This initiative effectively promotes computational thinking education and drives innovation globally. This year's conference is taking place from 18 to 20 June at The Education University of Hong Kong and Southern University of Science and Technology in Shenzhen, respectively. In 2023, the CoolThink@JC programme was adopted by Hong Kong's Education Bureau as the foundation for the 'Enriched Module on Coding Education for Upper Primary Level' module. The related learning and teaching materials will soon be rolled out in all publicly-funded schools in Hong Kong, supporting teachers to systematically integrate elements of innovation and technology into their curricula. This aims to cultivate students' interest and capability in information technology, while promoting and deepening STEAM education. Initiated and funded by The Hong Kong Jockey Club Charities Trust since 2016, the CoolThink@JC programme is co-created by The Education University of Hong Kong, Massachusetts Institute of Technology (MIT) and City University of Hong Kong, in collaboration with local educators and world-leading scholars. Since its inception, the programme has trained over 1,500 teachers and benefited more than 100,000 students. The programme is committed to mainstreaming computational thinking education into formal curricula, providing teachers with high-quality teaching materials, learning platforms and professional training. The curriculum emphasises problem-solving and logical reasoning skills, guiding students systematically through planning, analysis and debugging thought processes to effectively tackle challenges.

The Star

a day ago

• The Star

Where is Trump's 'all-American' phone made? Analysts point to Asia

The search is on to identify the actual manufacturer behind the US$499 (RM 2,123) Trump Mobile T1 smartphone, as most supply chain analysts cast doubt on the claim by the US president's family that the device could be 'proudly designed and built in the United States'. China, the world's largest smartphone market since 2011, is also the hub of global manufacturing, with estimates ranging from a low of 60 per cent to a high of 80 per cent of worldwide production. One in three of the 187 disclosed suppliers that provide parts for Apple's iPhones is in China. Trump's T1 phone, encased in gold, features an AMOLED (active-matrix organic light emitting diode) screen that measures 6.78 inches, with a fingerprint sensor that supports facial recognition for unlocking. It has a main camera of 50 million pixels and runs on Google's Android 15 operating system, Trump Mobile said on its official website without naming its chip supplier. The phone comes with a subscription called the 47 Plan, priced at US$47.45 (RM201.90) a month, a nod to Trump's as the 45th and 47th US president. Instead of building a new nationwide cellular network, the 47 Plan resells the capabilities of all three major US carriers: T-Mobile, Verizon Communications and AT&T. The problem is, there are no AMOLED producers anywhere outside Asia, and the worldwide shipments are roughly equally shared by South Korean and Chinese manufacturers, said Joy Guo, the principal analyst of Omdia's displays group. There were five AMOLED producers in China that all produced locally, while South Korean plants were within the country and in Vietnam, she said. It does not end there. The typical smartphone comprised multiple components from the casing to the camera, the screen and the battery, most of which had to be sourced outside the US, which went against the claim that the phone was 'made in America', said Omdia's senior analyst Aaron West. 'Considering the overall production capacity, the completeness of the supply chain and the assembly yield rate, it is indeed very difficult or costly to achieve mass production in the US at this stage,' said Chiu Shih-Fang, a senior industry analyst at the Taiwan Institute of Economic Research, adding that the cameras and the printed circuit board 'can barely be sourced from the US'. To be sure, the US does make smartphones, although at a much higher price. Purism, a 10-year-old electronics maker based in San Francisco, is the only notable US smartphone maker, whose Liberty Phone starts at US$1,999 (RM 8,505) . 'If the Trump Phone is promising a US$499 (RM2,123) price tag with domestic manufacturing, this announcement looks to be classic vapourware,' said Purism's CEO Todd Weaver, according to a Tuesday report by Reuters. All the specifications and design features of Trump's T1 phone 'indicate that they are using an ODM (original design manufacturer) to manufacture the phone,' said West, adding that the final step of adding a gold skin can be done in the US. So who could be the actual ODM producer, and could Trump's 'made-in-USA' phone have Chinese parentage? Intrepid sleuths have uncovered two models that bear a striking resemblance to the T1. The first is the REVVL 7 Pro 5G phone, made by the Wingtech unit of Luxshare Precision Industry based in Shenzhen. It is priced at US$171.65 (RM730.37) on with a subscription plan for the US cellular phone network T-Mobile. The other doppelgänger is Umidigi's A15, featuring three back camera lenses arranged like those in the T1. The A15, made by Shenzhen-based Umidigi, is priced at a discounted US$129.99 (RM553.11) on AliExpress, operated by the Post's owner Alibaba Group Holding. Similar to Trump's T1, both Chinese models come with a 5,000 milliampere-hour (mAh) battery and 256 gigabytes of storage. They also take similar designs to equip the selfie camera in the top middle of the screen. But the A15, much cheaper than the Trump phone, has a better main camera with 64 million pixels. Officials at Wingtech, Luxshare and Umidigi did not respond to requests for comment. Trump Mobile, part of the Trump Organisation, did not immediately respond. 'Perhaps in the future it's possible to achieve complete assembly and production in the US, but the first batch of phones delivered is unlikely to be made in the US,' said Robin Wang, an analyst from technology research firm Runto. – South China Morning Post