Skip to main content
Site Search
  1. Home
  2. Blog
  3. Jamf Security 360: threats to watch for in 2026

Jamf Security 360: threats to watch for in 2026

In the Jamf Security 360: Annual Trends Report, we analyze data from the past year to learn about the latest threats to Mac and mobile devices. Find out what we discovered in 2025 — and what to look out for in 2026.

April 2 2026 by

Hannah Bien

Security 360: Annual Trends Report header

Every year, Jamf Threat Labs takes a retrospective look at the threats that endanger our data, devices and privacy. This investigation reveals trends for us to look for — and defend against —in the upcoming year.

At the end of 2025, we anonymously examined over 1.7 million iOS and Android devices and over 150,000 Mac devices to see what malware, vulnerabilities and social engineering attacks most impacted security. Read on to get a quick summary of our report, or read them in full:

Key trends in the enterprise

Mobile devices

Mobile devices are increasingly important to workers. They’re taken on the go, have small screens and hold access to a wealth of information. Cyber criminals look at device infrastructure and user behavior to craft attacks. Organizations have to keep in mind that:

  • Software and device vulnerabilities are impossible to avoid.

  • Mobile apps are useful (or necessary), but add risk.

  • Networks and web risks threaten devices, even with secure configurations.

Bad actors leverage these risks, combining them to create advanced attacks.

Mac devices

Organizations across all sorts of industries choose Mac to keep their employees productive, secure and happy. The popularity of Mac hasn’t gone unnoticed; attackers are creating targeted attacks specifically for Mac. These attacks change constantly. Infostealers are evolving, establishing persistence and taking more data than ever before. Advanced threat groups remain a significant danger.

Top threats in 2026

Mobile devices

Device vulnerabilities

Your device’s operating system (OS) powers all that you do on it. It determines how productive and secure you’ll be, and how much you like using the device. They’re complex, robust codebases, and like everything else, they aren’t perfect.

Vulnerabilities inevitably show up. Attackers inevitably try to exploit them. Software vendors constantly work to patch these vulnerabilities; organizations should keep their devices up to date in response.

53% of organizations have at least one device with a critically out-of-date OS

Staying on top of the latest vulnerabilities, and their patches, helps your organization mitigate their effects. In the report, we explore key vulnerabilities that impacted iOS and Android security in 2025.

Application risks

Mobile apps can access many parts of your device. Each app carries its own set of risks, which can show up in:

  • Software development libraries

  • Data handling policies

  • Access permissions, like access to microphones, contacts, location and more

62% of surveyed apps requested dangerous permissions

The more apps your organization deploys, the greater your risk surface. Mitigating these risks requires constant vigilance. In the report, we break down the risks found in the most popular enterprise apps.

Network and web risks

Even if you follow best practices when configuring your devices, they aren’t immune to danger. Vulnerabilities exist beyond the device: on networks and with users. Insecure public networks, insufficient access policies, social engineering attacks — these all impact data security beyond a device’s security status.

25% of organizations had a user fall victim to a phishing link.

In the report, we examine how user behavior and network infrastructure affects your security.

Learn about the trends Jamf discovered impacting mobile in 2026.

Learn More

Mac devices

Malware

The growing popularity of Mac means a growing interest in malware that affects it. Mac is built with robust security features, but attackers are working hard to infiltrate them.

44.15% of devices had malicious network traffic

In 2025, attackers evolved their tactics. Infostealers remain a common threat; while in the past, they tend to steal data and run, researchers found they’re more inclined to establish persistence. Trojans were 2025’s most prolific threat, as attackers strive to build backdoors as part of their attack.

In the report, we break down the most common malware types and families — plus suspicious behavior that goes beyond known threats.

Device and OS vulnerabilities

Like mobile devices, Mac devices aren’t exempt from vulnerabilities. This can show up in the OS, other software/apps, hardware and more.

72.94% of devices contain at least one vulnerable app

In the report, we look at noteworthy macOS vulnerabillities in 2025.

Keep Mac safe in your enterprise in 2026.

Read Mac Report

How to defend your organization

Knowing is half the battle. This report aims to inform IT and Security professionals about the threats that jeopardize their organizations’ security. To keep it brief, it goes a long way to:

  • Keep device operating systems and apps up to date

  • Monitor for suspicious behavior and known threats

  • Enforce access policies

For a deeper examination and advice from our CISO, check out the reports:

Tags:
Related Resources
  • E-book
Mobile Threat Defense for Beginners
  • Blog
What is Mobile Security? Understanding Mobile Device Security