The Iru Blog

Deploy Any Windows App with Iru Custom Apps

The Sprawl Report: What Too Many Tools Is Doing to IT and Security Teams

What Apple Business Actually Means for Your IT Team (And Whether It Replaces Your MDM)

Apple dropped a significant announcement on March 24, 2026: Apple Business Essentials, Apple Business Manager, and Apple Business Connect are going away. In their place, a unified platform simply called Apple Business launches on April 14. If your IT team is running any Apple devices, or if you've been relying on Apple Business Essentials for lightweight MDM, this affects you. Here's a clear-eyed look at what's actually changing, what Apple Business includes, and what it still doesn't do.

Beyond the Login: What CISA's Latest Recommendations Mean

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an urgent advisory urging U.S. organizations to harden their endpoint management systems. The guidance came in response to the Stryker attack, claimed by Handala, an Iranian-linked hacktivist group, which wiped thousands of corporate devices without a single piece of malware. The attacker had valid credentials, a live admin session, and access to tools the organization already trusted. That was enough.

Atomic Stealer (AMOS) Returns: ClickFix, Trojanized Crypto Apps, and a New macOS Persistence Mechanism

Atomic Stealer, commonly tracked as AMOS, has earned its place as one of the most persistent threats the macOS threat landscape. Powered by a relentless development cycle and diverse distribution networks, it shows no signs of slowing down. Researchers have extensively documented its signature tactics: "ClickFix" browser social engineering prompts, trojanized application installers, and, most recently, the "malext" variants spread through malvertising campaigns.

The Guide to Managing Mac Clusters for AI Workloads

Mac clusters for AI workloads are real infrastructure now. Here’s how to provision, secure, and manage them from day one.

The right Blueprint, every time: how Iru's Blueprint Routing automates device deployment at enrollment

Enrolling a fleet of devices sounds simple in theory: pick a Blueprint, assign some settings, and you're done. But in practice, most organizations are managing a mix of Mac computers, Windows computers, iPhone devices, iPad devices, kiosk tablets, and meeting room devices, each with their own configurations, user types, and provisioning requirements. Keeping all of that straight at enrollment time, without manual intervention or a tangle of enrollment codes, has historically been one of the more tedious parts of device management.

Stop Threats Instantly with Device Isolation for Iru EDR

Respond to serious threats by isolating compromised devices from the network. Iru retains a secure, remote connection with the device.

macOS Malware Analysis: Music Plugin DMG Loader

On February 4, 2026, security researchers discovered a mass-distributed loader disguised as predominantly cracked music plugin DMGs used to deliver multiple multistage macOS malware, such as Odyssey and MacSyncStealer, in addition to a Mach-O binary containing another loader to an additional payload.

Introducing Blueprint Routing

Today, we’re excited to announce the general availability of Blueprint Routing, a new enrollment capability in Iru that dynamically assigns devices to Blueprints during enrollment, based on device and user attributes collected at that moment.

The Security Implications of OpenClaw and Autonomous AI Agents

In recent months, a new class of AI tools has gained momentum, blurring the line between traditional assistants and fully autonomous automation platforms. OpenClaw, previously known as Clawdbot and Moltbot, is designed to execute tasks for users with little ongoing human involvement, including file management, workflow automation, and direct shell command execution. Its rapid viral growth and strong community adoption, with almost 200,000 GitHub stars, have brought attention to a new category of AI tools that operate with deeper system access than most conversational AI platforms.

The hidden risks of the Homebrew Cellar in Vulnerability Management

In the modern macOS ecosystem, Homebrew is a staple: the engine under the hood in software engineers' day to day development, and a productivity enhancer for macOS power users. However, its convenience and ubiquity may introduce a significant blind spot for security teams if they lack visibility into the "Cellar" - the specific location where Homebrew stores its binaries, known as formulae. Its hidden dependencies, lingering outdated binaries, and relaxed permissions can create serious security gaps. When a workstation may be the gateway to cloud and production systems, those gaps matter.

The Better Way to Migrate iOS and iPadOS Devices

Moving to a new device management solution has never been easier. With iOS 26 and iPadOS 26, we're introducing support for a powerful migration feature that transform how organizations transition their iPhone and iPad fleet to Iru.

The Dangers of Cracking Tools

This blog article highlights one particular risk that arises from using various tools to crack software: introducing vulnerabilities to their environment. This article provides a general overview, examines past cases, and dives into an actual local privilege escalation vulnerability we uncovered in a macOS software cracker.