It may be time for Mac users to start to wake up and smell the coffee we’ve been drinking for at least 25 plus years.
While the turn of the century made virus-, worm-, trojan- and now malware-laced email more prevalent than before, Mac users have not seen that much. We’ve talked about them as we’ve seen reports, but according to Apple Insider, this may be more of a trend this year.
We’d like to thank the JRN’s Herbie Allen for boosting this, as I became more recent on Mastodon and spotted this.
Cybercriminals are upping their game in 2025 with smarter AI and stealthier ransomware targeting Mac users, leaving defenders scrambling to keep up.
The year 2025 may mark the turning point for AI’s role in cybersecurity, according to a recent report from Malwarebytes. While generative AI tools like ChatGPT have made minor waves since their debut, their capabilities have largely been limited to assisting with coding and research tasks.
The article also says:
Agentic AI represents a leap beyond generative tools, giving defenders the ability to automate time-intensive tasks like network monitoring, patching vulnerabilities, and identifying threats. Agents could help close the persistent skills gap in cybersecurity.
For example, AI agents could manage overnight threat detection, handle real-time anomaly tracking, and prioritize patch deployments without constant human oversight.
However, the same technology could empower attackers to scale operations. Cybercriminals may use agentic AI to carry out simultaneous ransomware attacks, craft sophisticated phishing campaigns, and even breach networks autonomously.
While ChatGPT and others have assisted in coding, this could get worse, says the article.
Ransomware continues to dominate as the most lucrative cybercrime, with a 13% rise in attacks in 2024. The largest ransom payment on record — $75 million — occurred in 2024 and was paid to the Dark Angels group from an unknown Fortune 50 company.
– “Access” uses social engineering, RDP, vulnerabilities, and phishing. Protection includes brute force protection and patch management.
– “Infiltration” involves exploring networks, with countermeasures like managed detection and response.
– “Attack” refers to monetizing infiltration with ransomware, featuring protections like application blocking.
There are icons and descriptions for each stage and protection measure.
With LockBit and other big names now practically gone, if not completely, smaller groups are going to take over and make things more difficult.
Many now rely on stealth, executing entire attack chains, from gaining access to encrypting data, within hours. On macOS, this trend is amplified by the rise of advanced information stealers like Poseidon and Atomic Stealer.
These stealers exploit malvertising campaigns to infiltrate systems and steal sensitive data such as passwords and cryptocurrency wallets.
Macs are increasingly targeted
In recent years, macOS has seen a notable increase in targeted cyberattacks, correlating with its growing adoption in personal and corporate environments. In 2024, the emergence of sophisticated threats like the Banshee macOS Stealer highlighted the platform’s vulnerability to advanced attacks.
How should you defend yourself?
We know that while AI can keep things interesting by making sure things are spelled correctly, and could add things like your name or company, the one thing it can’t do is point you to the correct web site.
So if you get an email telling you that your package is delayed and it has your name, it will still point somewhere where it’ll ask you to either download something or fill out a form. This is a light example I always use as this makes sense to people. It shows the phishing aspect as discussed within the final paragraphs of the article.
The article says:
To tackle the rising threats, cybersecurity teams need to rethink their strategies. Using AI-driven tools can help bridge the skills gap by automating threat detection and response.
Enhancing endpoint security is also essential, where advanced solutions can identify suspicious behavior. Securing access points is another priority, starting with disabling remote desktop protocols and limiting tools vulnerable to exploitation.
Finally, staff training remains crucial — teams must be equipped to recognize phishing attempts and social engineering tactics to stay ahead of attackers.
While AI generation for the image above was good, I don’t need every little detail to get the point across. But others can ask the AI tool for more if they wish.
You can always ask someone if something seems off, that is what friends are for.
“Cybercriminals are using AI to target macOS in 2025” is the article which we took some stuff from for this discussion.
Make it a great day and thanks again for reading!