Security Bite

Why ClickFix is now the #1 way Macs get infected

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. [https://mosyle.net/87PQ] Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL [https://mosyle.net/87PQ] today and understand why Mosyle is everything you need to work with Apple. ---------------------------------------- In this episode of Security Bite, I sit down with macOS reverse engineer Christopher Lopez (@L0Psec [https://x.com/L0Psec]) and returning guest Kseniia Yamburkh (@osint_barbie [https://x.com/osint_barbie]) of MacPaw's Moonlock Lab to unpack ClickFix, the social engineering technique behind nearly half of all reported breaches in 2025. We get into who's actually falling victim, why it exploded so fast, how Mac malware is evolving in 2026, the current landscape, and more. LINKS * Notorious hacker return with notnullOSX, report from Moonlock Lab [https://moonlock.com/notorious-hacker-returns-notnullosx-stealer] * Submit a suspicious file to MacPaw for analysis [https://macpaw.com/support/report-malware] * Jamf's full Security 360 report [https://media.jamf.com/documents/white-papers/security-360-mac-2026.pdf?_gl=1*ggvzfj*_ga*ODMwMDAyNTgyLjE3NzUyNjE4NTQ.*_ga_X3RD84REYK*czE3NzU0ODU3MTAkbzQkZzAkdDE3NzU0ODU3MTAkajYwJGwwJGgw] covering 2025 landscape * Follow Chris on X [https://x.com/L0Psec] and YouTube [http://youtube.com/@l0psec] * Follow Kseniia on X [https://x.com/osint_barbie] * Read more in the weekly Security Bite column [https://9to5mac.com/guides/security-bite/] * Follow Arin on X [https://x.com/arinwaichulis] and LinkedIn [https://www.linkedin.com/in/arinw/] SUBSCRIBE TO THE SHOW * Apple Podcasts [https://podcasts.apple.com/us/podcast/security-bite/id1869497526] * Spotify [https://open.spotify.com/show/3uASDWEDSHcpBufyqvN1Yd] * Overcast * Pocket Casts [https://pca.st/podcast/429e7ab0-d737-013e-7c78-02d8c28b0a65] * RSS Feed [https://feedpress.me/securitybite]

Atomic Stealer is blurring the line between infostealers and trojans on Mac

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. [https://mosyle.net/87PQ] Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL [https://mosyle.net/87PQ] today and understand why Mosyle is everything you need to work with Apple. ---------------------------------------- In this episode, I break down what I think is the most significant finding from Jamf's latest Security 360 report: trojan malware now accounting for over 50% of all Mac malware detections. This is up from roughly 17% just a year prior and beats out infostealers for the number one spot. But its not as simple as trojans are just getting popular... It basically comes down to one malware family, Atomic Stealer (shocker), which is now simultaneously sitting at the top of both the trojan and infostealer categories. That dual classification is reshaping how we should think about the Mac threat landscape, because the old lines between malware categories I think are blurring. LINKS * Jamf's full Security 360 report [https://media.jamf.com/documents/white-papers/security-360-mac-2026.pdf?_gl=1*ggvzfj*_ga*ODMwMDAyNTgyLjE3NzUyNjE4NTQ.*_ga_X3RD84REYK*czE3NzU0ODU3MTAkbzQkZzAkdDE3NzU0ODU3MTAkajYwJGwwJGgw] * Security Bite column: Trojan malware dominates Mac [https://9to5mac.com/2026/04/06/security-bite-trojan-malware-dominates-mac-now-half-of-all-detections-says-jamf/] * Read more in the Security Bite column [https://9to5mac.com/guides/security-bite/] * Follow Arin on X [https://x.com/arinwaichulis] and LinkedIn [https://www.linkedin.com/in/arinw/] SUBSCRIBE TO THE SHOW * Apple Podcasts [https://podcasts.apple.com/us/podcast/security-bite/id1869497526] * Spotify [https://open.spotify.com/show/3uASDWEDSHcpBufyqvN1Yd] * Overcast * Pocket Casts [https://pca.st/podcast/429e7ab0-d737-013e-7c78-02d8c28b0a65] * RSS Feed [https://feedpress.me/securitybite] https://google.com/preferences/source?q=https://9to5mac.com

Psylo app is setting out to change private browsing

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. [https://mosyle.net/87PQ] Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL [https://mosyle.net/87PQ] today and understand why Mosyle is everything you need to work with Apple. ---------------------------------------- In this episode, I sit down with Talal, one-half of the duo behind the Mysk [https://x.com/mysk_co] security research X account and co-founder of Psylo [https://x.com/psylo_app], a privacy-focused iOS browser app that takes a fundamentally different approach to private browsing. We get into why not all VPNs are created equal, how exactly websites are identifying you and tracking your moments across tabs, and how Psylo tackles all of this by giving every tab its own isolated silo, complete with a separate IP address, memory, storage, and more. If you care about browser privacy on your iPhone, this one's worth a listen. Here's my conversation with Talal. LINKS * Follow Psylo on X [https://x.com/psylo_app] * Follow Mysk on X [https://x.com/mysk_co], Bluesky [https://bsky.app/profile/mysk.bsky.social], Mastodon [https://mastodon.social/@mysk] * Follow Talal on X [https://x.com/hajbakri] * Follow Arin on X [https://x.com/arinwaichulis] and LinkedIn [https://www.linkedin.com/in/arinw/] * Get 33% off a 1 year subscription to Psylo with offer code SECURITYBITE [https://apps.apple.com/us/app/psylo-privacy-browser-proxy/id6741358035] SUBSCRIBE TO THE SHOW * Apple Podcasts [https://podcasts.apple.com/us/podcast/security-bite/id1869497526] * Spotify [https://open.spotify.com/show/3uASDWEDSHcpBufyqvN1Yd] * Overcast * Pocket Casts [https://pca.st/podcast/429e7ab0-d737-013e-7c78-02d8c28b0a65] * RSS Feed [https://feedpress.me/securitybite]

RCS finally gets end-to-end encryption, 1Password blowback, more

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. [https://mosyle.net/87PQ] Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL [https://mosyle.net/87PQ] today and understand why Mosyle is everything you need to work with Apple. ---------------------------------------- In this episode of the Security Bite Podcast [https://9to5mac.com/guides/security-bite-podcast/], I discuss the recent developments around E2EE arriving to RCS on iOS, a major change to Stolen Device Protection, and the 1Password blowback following a big price increase coming next month. LINKS * The two biggest security upgrades in iOS 26.4 explained [https://9to5mac.com/2026/02/20/security-bite-the-two-biggest-security-upgrades-in-ios-26-4-explained/] * 1Password announces big price increases coming next month [https://9to5mac.com/2026/02/24/1password-announces-big-price-increases-coming-next-month/] SUBSCRIBE TO THE SHOW * Apple Podcasts [https://podcasts.apple.com/us/podcast/security-bite/id1869497526] * Spotify [https://open.spotify.com/show/3uASDWEDSHcpBufyqvN1Yd] * Overcast * Pocket Casts [https://pca.st/podcast/429e7ab0-d737-013e-7c78-02d8c28b0a65] * RSS Feed [https://feedpress.me/securitybite]

It's all about infostealers (Part 2)

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. [https://mosyle.net/87PQ] Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL [https://mosyle.net/87PQ] today and understand why Mosyle is everything you need to work with Apple. ---------------------------------------- In this episode, I continue my conversation with Kseniia (@osint_barbie [https://x.com/osint_barbie]) and Mykhailo (@xor3r [https://x.com/xor3r]) from Moonlock Lab, the cybersecurity research arm of MacPaw. Following our deep dive into the meteoric rise of infostealers in Part 1, we’re now shifting focus to the delivery side. In this second part, we discuss how malware gets onto machines and why we're now in the next stage of social engineering. Enjoy (: A WEEKLY COLUMN TURNED PODCAST! Welcome to the 9to5Mac Security Bite podcast [https://podcasts.apple.com/us/podcast/security-bite/id1869497526], your biweekly deep dive into the ever-evolving world of Apple security. I’m your host, Arin Waichulis, security writer here at 9to5Mac, and every other week, we take a bite out of the most critical stories and developments impacting the devices you use every day. Whether you’re an IT professional managing a fleet of Macs or a casual Apple user interested in what lurks around some of the world’s most secure operating systems, this show is for you. On the Security Bite pod, we’ll go beyond the headlines and sit down with the industry's top security researchers and experts to break down the latest iOS/macOS headlines, features, and emerging threats so you can stay better informed. You can still find the weekly written Security Bite column here [https://9to5mac.com/guides/security-bite/]. LINKS * Moonlock’s 2025 macOS threat report [https://moonlock.com/2025-macos-threat-report] * Mac.c stealer evolves into MacSync: Now with a backdoor [https://moonlock.com/macc-stealer-macsync-backdoor] * Objective-See non-profit foundation [https://objective-see.org/] * MacPaw releases Moonlock, a standalone macOS security app with real-time protection, smart insights, built-in VPN, more [https://9to5mac.com/2025/10/28/macpaw-releases-moonlock-a-standalone-macos-security-app-with-real-time-protection-smart-insights-built-in-vpn-more/] * Security Bite: Mac.c is shaking up the macOS infostealer market, rivaling AMOS [https://9to5mac.com/2025/08/16/security-bite-mac-c-is-shaking-up-the-macos-infostealer-market-rivaling-amos/] * Security Bite Podcast: The evolution of macOS threat hunting with Jaron Bradley [https://9to5mac.com/2026/01/16/security-bite-podcast-the-evolution-of-macos-threat-hunting-with-jaron-bradley/] * Follow Kensiia: X [https://x.com/osint_barbie], LinkedIn [https://www.linkedin.com/in/osint-barbie/] * Follow Mykhailo: X [https://x.com/xor3r] * More about Moonlock Lab [https://moonlock.com/moonlock-lab] * Follow Arin Waichulis: LinkedIn [https://www.linkedin.com/in/arinw/], Threads [https://www.threads.com/@arinwaichulis], X [https://x.com/arinwaichulis] SUBSCRIBE TO THE SHOW * Apple Podcasts [https://podcasts.apple.com/us/podcast/security-bite/id1869497526] * Spotify [https://open.spotify.com/show/3uASDWEDSHcpBufyqvN1Yd] * Overcast * Pocket Casts [https://pca.st/podcast/429e7ab0-d737-013e-7c78-02d8c28b0a65] * RSS Feed [https://feedpress.me/securitybite]