5 Use Cases for Custom PowerShell Scripts in Windows Device Management
Lance Crandall

5 min read

Modern Windows device management has come a long way. With UEM-based endpoint management, IT teams can enforce security baselines, configure system settings, deploy applications, and maintain compliance at scale. But even in the most mature Windows management environments, there are always scenarios that require customization. That’s where PowerShell scripting continues to play an important role.

Educational
Analyzing the MonetaStealer macOS Threat
Calvin So

6 min read

On January 6, 2026, security researchers at Iru discovered a suspicious Mach-O binary masquerading as a Windows .exe file. Investigation revealed the file is a PyInstaller-compiled binary that executes malware hidden within a .pyc file. Researchers named the malware MonetaStealer. The malware contains limited capabilities and lacks anti-analysis/persistence mechanisms. Researchers believe it is still in its very early development phase and relies heavily on AI code. MonetaStealer maintains a zero-detection rate on VirusTotal as of the time of writing.

Threat Intelligence
Investigating Shai-Hulud: Inside the NPM Supply Chain Worm
Calvin So

9 min read

On August 26, 2025, attackers exploited a GitHub Actions injection vulnerability inside Nx’s workflow, using a manipulated pull request title to run shell commands and extract the company’s NPM publishing token. With that access, they published malicious versions of trusted Nx packages. Once installed, those packages hijacked local AI command line tools to scan victim systems for credentials, SSH keys, and crypto wallets.

Threat Intelligence
CrashOne - A Starbucks Story - CVE-2025-24277
Csaba Fitzl & Gergely Kalman

22 min read

On a cold autumn day in Budapest in 2024, I met independent security researcher Gergely Kalman at a local Starbucks to swap ideas, dead ends, and updates on our research. Over coffee, we started talking about crash logs, and that’s when we stumbled onto something big.

Threat Intelligence
The Top Cyber Threats Facing SMBs in 2025
Calvin So

3 min read

Small and midsize businesses (SMBs) are under siege. Attackers know these organizations often run lean IT teams with limited budgets, making them prime “path of least resistance” targets.

Threat Intelligence
Building a Smarter OS Update Strategy with Declarative Device Management
Weldon Dodd

5 min read

Managing operating system updates across an Apple device fleet has always been a balancing act. Push updates too aggressively, and you risk disrupting critical workflows. Move too cautiously, and you expose your organization to security vulnerabilities. The solution? A well-designed N-1 OS update strategy powered by declarative device management (DDM).

Thought Leadership
The New Face of IT: More Ops, Less Headcount
Weldon Dodd

6 min read

The IT department of 2025 looks nothing like the help desk of 2015.

Thought Leadership
Unlocking Apple’s New Device Management API
Arek Dreyer

4 min read

Apple Business Manager (ABM) and Apple School Manager (ASM) have evolved significantly in recent years, but one critical piece has been missing: programmatic access. That changed with the introduction of the ABM/ASM API, opening new possibilities for automation, integration, and workflow enhancement.

Thought Leadership
Brewing Trouble: Homebrew Spoofed Sites on the Rise
Adam Kohler & Christopher Lopez

5 min read

In September 2025, Iru's security researchers identified multiple spoofed Homebrew installer sites designed to mimic the official brew.sh page. These replicas injected malicious payloads under the guise of a standard install. In this post, we examine the tactics, infrastructure, and impact of the campaign.

Threat Intelligence
Ransomware Readiness: Tips from Beyond the Playbook
Arek Dreyer

4 min read

The call came at 2 AM. A major U.S. telecom provider, critical infrastructure supporting millions of cell phone users, was under active ransomware attack. Systems were encrypting rapidly across their network. Within hours, the FBI was coordinating response efforts, executives were in crisis mode, and a specialized team was rebuilding Active Directory from scratch while the clock ticked. For Eric Pittman, VP of Cybersecurity at Teradata, this wasn't a tabletop exercise or theoretical scenario. It was a real-world crisis that revealed critical gaps in how organizations prepare for and respond to ransomware attacks.

Thought Leadership
Apple’s Recent Updates to Platform SSO: What Problems Will It Solve?
Arek Dreyer

6 min read

A frank look at where Platform SSO stands today, what's coming with macOS Tahoe 26, and the hard choices Mac administrators need to make

Thought Leadership
5 Lessons from One Company’s ISO 42001 Certification Journey
Satyam Patel

4 min read

The rapid development and adoption of AI is creating new opportunities for businesses across industries. From predictive analytics and natural language processing to automated decision-making, AI is transforming business operations and the customer experience. However, with this vast potential comes significant risk – especially for compliance leaders who must navigate an ever-changing and complex landscape of emerging regulations, ethical considerations, and governance challenges.

Thought Leadership
The Vulnerability Data Crisis: Why You Can't Trust Your Security Tools
Shwena Kak

5 min read

How data processing delays, inaccuracies, and systemic challenges in the National Vulnerability Database are impacting security teams and what you can do about it.

Threat Intelligence
Survey of 1,000+ IT & Security Teams Shows More Tools = More Burnout & Higher Risk
Weldon Dodd

9 min read

Analysis of 1,011 IT and security professionals reveals the true price of fragmented tech stacks

Reports
The Apple OS 26 Era Begins. Iru Has You Covered.
Iru Team

4 min read

Deploy, manage, and secure Apple’s latest operating systems as soon as they’re released.

Apple has officially released its latest operating systems: iOS 26, iPadOS 26, macOS 26, tvOS 26, watchOS 26, and visionOS 26. For the first time, Apple has standardized version numbers across every OS, creating a unified baseline for developers, IT teams, and end users alike. This alignment not only simplifies communication and compatibility but also underscores Apple’s commitment to delivering a consistent experience across the entire ecosystem.

Product News
