Skip to content
No More Pitchforks: How to Build User Trust During Security Rollouts
Iru Team

6 min read

No More Pitchforks: How to Build User Trust During Security Rollouts

The scene is familiar to anyone who's worked in IT or security: an urgent vulnerability needs patching, a new control must be deployed immediately, or a policy change can't wait. You execute the technical implementation flawlessly. Then come the Slack messages and emails.

Thought Leadership
Iru Quarterly Threat Intelligence Report - August 2025
Alex Gartner

3 min read

Iru Quarterly Threat Intelligence Report - August 2025

Welcome to the Iru Threat Intelligence Report, our quarterly summary of emerging threats in the macOS ecosystem and how Iru is responding in real time. In each edition, we break down key threat discoveries and the protections we’ve deployed to keep customer devices secure.

Threat Intelligence
Apple Intelligence in the Enterprise: an Admin’s Perspective
Iru Team

4 min read

Apple Intelligence in the Enterprise: an Admin’s Perspective

The Six Colors 2025 Apple in the Enterprise Report Card has sparked plenty of conversation about Apple’s direction, areas of growth, and continued challenges with enterprise products. Jason Snell, founding editor of Six Colors, and Weldon Dodd, Iru Distinguished Solutions Engineer unpacked the report’s findings and what they mean for Apple device administrators on a recent MacAdmins Podcast episode.

Thought Leadership
Iru Launches Vulnerability Response: The Missing Link Between Detection and Remediation
Iru Team

5 min read

Iru Launches Vulnerability Response: The Missing Link Between Detection and Remediation

If you've ever managed Mac computers in an enterprise, you know the drill: your security team discovers a critical vulnerability in Chrome, creates a ticket, and hands it off to IT to patch. Meanwhile, you're still chasing down users to update their apps while that vulnerability sits unpatched across your fleet. It's a frustrating cycle that leaves both teams feeling like they're always playing catch-up.

Product News
Choosing the Best Mac Login Experience: Comparing Kerberos SSO, Platform SSO, and Kandji Passport
Iru Team

11 min read

Choosing the Best Mac Login Experience: Comparing Kerberos SSO, Platform SSO, and Kandji Passport

The login screen, also known as the login window, is the start of every user’s Mac experience. But the average user doesn't give it much thought - they just enter a password and move on. Yet behind that moment is a critical security checkpoint and a key part of the user experience.

Thought Leadership
How IT and Security Teams are Handling AI: Insights from Our Survey
Iru Team

7 min read

How IT and Security Teams are Handling AI: Insights from Our Survey

AI tools are entering the workplace faster than most IT teams can respond. What began as experimental use cases is now widespread day-to-day reliance and often without oversight.

Reports
When Great Engineers Quit: Why Tools Make or Break Job Satisfaction
Iru Team

7 min read

When Great Engineers Quit: Why Tools Make or Break Job Satisfaction

The tech industry has a retention problem, but not for the reasons most people expect. Rather than quitting because work is too complex or challenging, talented IT and security engineers tend to leave because their tools prevent them from doing meaningful work.

Thought Leadership
What WWDC 2025 and the Next macOS Release Could Mean for Apple Admins
Iru Team

6 min read

What WWDC 2025 and the Next macOS Release Could Mean for Apple Admins

Every year, Apple’s new macOS release offers an opportunity to innovate. It also brings uncertainty for IT teams trying to keep pace with constant change. With the next major release set to preview at WWDC 2025 (June 9 to 13), admins are preparing for a high-stakes upgrade cycle. Early previews hint at broad updates spanning the Apple product suite, from design changes that unify UX across devices to much-anticipated Apple Intelligence features.

Thought Leadership
Shadow IT: IT Professionals Adapt, Respond, and Redefine Control
Iru Team

7 min read

Shadow IT: IT Professionals Adapt, Respond, and Redefine Control

Shadow IT has always been a loaded term, typically implying rule-breaking, risk, or lack of control. But the reality is more nuanced. When we surveyed 115 IT professionals, what we found wasn’t a story of defiance. It was one of friction.

Reports
Dissecting the macOS 'AppleProcessHub' Stealer: A Technical Analysis
Christopher Lopez

14 min read

Dissecting the macOS 'AppleProcessHub' Stealer: A Technical Analysis

On May 15, 2025, the security research team MalwareHunterTeam (@malwrhunterteam) identified a suspicious file named libsystd.dylib with low detection—only 2 at the time of posting— which appeared to be an infostealer.

Threat Intelligence
Kandji Quarterly Threat Intelligence Report: May 2025
Alex Gartner

4 min read

Kandji Quarterly Threat Intelligence Report: May 2025

Welcome to the Iru Threat Intelligence Report, our quarterly summary of emerging threats in the macOS ecosystem and how Iru is responding in real time. In each edition, we break down key threat discoveries and the protections we’ve deployed to keep customer devices secure.

Threat Intelligence
macOS Vulnerabilities: A Year of Security Research at Iru
Alex Gartner

10 min read

macOS Vulnerabilities: A Year of Security Research at Iru

Iru security researchers have been hard at work hunting for vulnerabilities in macOS, reporting them to Apple before malicious actors can exploit them. This proactive approach is a cornerstone of our product strategy, benefiting not just our customers but the entire Apple ecosystem.

Threat Intelligence
PasivRobber: Chinese Spyware or Security Tool?
Nick Zolotko, Christopher Lopez, & Adam Kohler

28 min read

PasivRobber: Chinese Spyware or Security Tool?

On March 13, 2025, our team found a suspicious mach-O file on Virustotal named wsus. After our initial analysis of this file and the package which installed it, we discovered over 20 related binaries used to capture data from macOS systems and applications, including WeChat, QQ, web browsers, email, etc. This multi-binary suite indicates a deep understanding of macOS and their target applications. The software’s targeted applications and other observed network connections strongly indicate both a Chinese origin and target user base.

Threat Intelligence
Survey Results: The Top Content and Communities for IT & Security Pros
Iru Team

11 min read

Survey Results: The Top Content and Communities for IT & Security Pros

Are you curious where your peers get updates on the latest IT and security news? Or maybe you have an inside scoop on a resource or conference that deserves more recognition? We were curious, too. So, we took the question to our community in a broad survey of professionals - from security experts to technology leaders and admins. The responses gave us great insights into where IT and security practitioners are hanging out online and in-person, including the top:

Reports
Caught in the WebKit: Getting Tangled with CVE-2025-24201
Shwena Kak & Candace Jensen

4 min read

Caught in the WebKit: Getting Tangled with CVE-2025-24201

Web browsers are the gateway to the internet, a ubiquitous fixture of every enterprise device—making them a critical point of exposure. When managing your fleet you may ask: Are we aware of the vulnerabilities affecting our users’ browsers? While vulnerability databases are a great place to start, the widespread use of common codebases makes it harder to trace and recognize vulnerabilities that affect multiple products.

Threat Intelligence

Stay up to date

Iru's bi-weekly collection of articles, videos, and research to keep IT & Security teams ahead of the curve.