Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.

Meta’s $14.3B stake triggers Scale AI customer exodus, could be a windfall for rivals like Mercor

Computerworld.com [Hacking News] - 20 June, 2025 - 04:22

Scale AI has been attempting to quell fears about its company sovereignty and data security after its ‘acqui-hiring’ by Meta, but customers appear to be defecting anyhow, and competitors are being rewarded with a slice of the limelight.

Meta is investing $14.3 billion in the data labeling and model evaluation startup, which gives the social media giant a 49% stake in the company, and is bringing Scale’s founder and former CEO Alexandr Wang onboard to work on AI “superintelligence.”

Within days of the news of the deal, OpenAI said it would be phasing out its work with Scale, although not explicitly because of the Meta deal. For the last several months, the AI leader has been backing away from the relationship and opting for competitors like Mercor, reportedly because Scale doesn’t have the expertise it needs for its increasingly advanced models.

Others are also purportedly hitting the brakes on their relations with Scale, including xAI and Google, the latter over concerns that Meta could access information about its AI developments.

Scale’s interim CEO Jason Droege has pushed back, emphasizing in a blog post that the company will remain “unequivocally an independent company” and will not provide Meta with access to its internal systems.

Despite this assurance, an analyst understands industry concerns.

“Meta’s move signals a trend toward vertical integration and supplier lock: Owning the data annotation pipeline to secure control over the quality, provenance, and scalability of training data,” said Thomas Randall, AI lead at Info-Tech Research Group. “Moreover, OpenAI’s pullback shows how quickly partnerships in this space can shift based on alignment, data strategy, or concerns about competition.”

Rivals in the data labeling game

Data labeling is a critical step in AI development, as it involves tagging raw data to provide context for models so they can continue to learn and iterate.

The Meta-Scale deal underscores the importance of the capability, and, perhaps counterintuitively, has drawn much more attention to rival, potentially superior data labeling companies. This includes five-year-old startup Surge, which reportedly had more than $1 billion in revenues last year. Others in the growing space include Turing, Snorkel, Invisible, Toloka, CloudFactory, and Label Your Data.

However, Droege asserted that Scale is “one of the only providers capable of serving customers at volume” with the “largest network of experts training AI.” Going forward, the company will focus on building out its applications business units and will continue to be model-agnostic and human-driven, he said.

“The spike in competition from players like Surge, Turing, and Invisible gives enterprises more leverage, but also more responsibility,” said Info-Tech’s Randall. These vendors differ significantly when it comes to workforce models, automation levels, and quality controls, he noted. Enterprise leaders should evaluate providers not just on price or throughput, he advised, but on whether they offer robust annotation auditability, support for domain-specific edge cases, and alignment with ethical AI practices.

“The quality of labeled data is a leading indicator of model performance and a lagging indicator of strategic oversight,” said Randall. “The enterprises that succeed in AI won’t just be the ones with the best models, but the ones with the most intentional, resilient data ecosystems.”

Not just about selecting a labeling company

But the ultimate conversation around data labeling is a little more nuanced and complex, analysts note.

Hyoun Park, CEO and chief analyst with Amalgam Insights, pointed out that Scale has built its reputation on text and image labeling, and its ability to identify global talent. This is a “powerful fit” for Meta, as Facebook, Instagram, and its other applications and services have massive amounts of data that can be further tagged and indexed to support large language models (LLMs) and AI, based on Meta’s ownership of accounts and digital assets.

“Scale works well with social networks and other media-based websites with self-refreshing and original media creation that can be labeled and used to train models on an ongoing basis,” he noted.

For OpenAI, Google, Anthropic, and other LLM providers selling directly to businesses and large organizations, however, the competitive landscape is quickly shifting. It is no longer enough to simply take in and process general data; providers must be able to automate code and conduct higher-level tasks, said Park. When digging deeper into programming, healthcare, legal services, and other specialized fields, they need subject-matter expert data.

Enterprises must be able to contextualize their own internal data and jargon, and have the ability to trust their AI enough to allow it to take action, he said. This means that the AI needs to be trained well enough to understand the common sense ramifications of the requests it receives, and the data that it accesses.

“This training and contextualization ultimately requires specific expertise that is often coming from veteran employees and highly trained professionals, not just from outsourcing firms that can provide scale-up capabilities for specific areas of AI training,” said Park.

Randall agreed that enterprise leaders must treat their data labeling decisions as part of a broader AI governance and operational strategy, not just a technical outsourcing choice. He said his firm’s research on vendor management indicates that organizations should treat labeling vendors as they would treat cloud providers.

That is: “diversify, insist on explicit contractual firewalls around staff mobility and data reuse, and build contingency plans so an acquisition doesn’t strand your model pipeline or expose proprietary data,” he said.

More Scale AI news:

After AI setbacks, Meta turns to Scale AI and ‘superintelligence’ research

Category: Hacking & Security

No, the 16 billion credentials leak is not a new data breach

Bleeping Computer - 19 June, 2025 - 23:51
News broke today of a "mother of all breaches," sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. [...]
Category: Hacking & Security

Godfather Android malware now uses virtualization to hijack banking apps

Bleeping Computer - 19 June, 2025 - 21:54
A new version of the Android malware "Godfather" creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. [...]
Category: Hacking & Security

Webinar: Stolen credentials are the new front door to your network

Bleeping Computer - 19 June, 2025 - 18:33
Cybercriminals no longer need zero-days to breach your systems—these days, they just log in. Join BleepingComputer, SC Media, and Specops Software's Darren Siegel on July 9 at 2:00 PM ET for a live webinar on how attackers are using stolen credentials to infiltrate networks and how you can stop them. [...]
Category: Hacking & Security

OpenAI’s Sam Altman discusses GPT-5 release date

Bleeping Computer - 19 June, 2025 - 17:43
ChatGPT's next big upgrade, or the new foundational model "GPT-5," is still being prepared for a release in the summer, but OpenAI won't share the specifics. [...]
Category: Hacking & Security

US recovers $225 million of crypto stolen in investment scams

Bleeping Computer - 19 June, 2025 - 16:33
The U.S. Department of Justice has seized more than $225 million in cryptocurrency linked to investment fraud and money laundering operations, the largest crypto seizure in the history of the U.S. Secret Service. [...]
Category: Hacking & Security

Special Webinar: Key Insights from Verizon’s 2025 DBIR

Bleeping Computer - 19 June, 2025 - 16:04
GenAI, credential theft, third-party risks—Verizon's 2025 DBIR reveals what's putting your org at risk. Join DBIR author Alex Pinto & LayerX CEO Or Eshed as they break down this year's key insights and defense strategies. Don't miss the webinar—register now. [...]
Category: Hacking & Security

Microsoft unveils new security defaults for Windows 365 Cloud PCs

Bleeping Computer - 19 June, 2025 - 15:55
Microsoft has announced new Windows 365 security defaults starting in the second half of 2025 and affecting newly provisioned and reprovisioned Cloud PCs. [...]
Category: Hacking & Security

ChatGPT will analyze Gmail emails, manage schedule on Google Calendar

Bleeping Computer - 19 June, 2025 - 15:29
ChatGPT appears to be testing support for Gmail and Google Calendar integration. This will allow users to summarise emails and create events. [...]
Category: Hacking & Security

OpenAI walks away from Scale AI — triggering industry-wide rethink of data partnerships

Computerworld.com [Hacking News] - 19 June, 2025 - 15:15

OpenAI has ended its long-standing partnership with Scale AI, the company that powered some of the most complex data-labeling tasks behind frontier models such as GPT-4.

The split, confirmed by an OpenAI spokesperson to Bloomberg, comes on the heels of Meta’s $14.3 billion investment for a 49% stake in Scale, a move that industry analysts warn could redraw battle lines in the AI arms race.

It also secured Scale founder Alexandr Wang to lead Meta’s AI division, accelerating what Deepika Giri, AVP for BDA & AI Research, IDC Asia/Pacific described as a profound challenge to data neutrality in foundational AI layers. “The world is shifting toward vendor-neutral ecosystems,” Giri cautioned, where data security and open platforms are paramount. But with hyperscalers now commanding the core pipelines, that neutrality faces unprecedented pressure.

The high stakes of AI data and talent wars

Meta’s $29 billion valuation of Scale highlights its two-front war for both data infrastructure and elite talent. While the investment aims to shore up Llama 4’s competitiveness, the social giant is also offering unprecedented “seven-to-nine-figure” packages to lure top employees, including OpenAI staff reportedly targeted with $100 million offers, as CEO Sam Altman disclosed on the Uncapped podcast. Yet not all are swayed. A Menlo Ventures VC posted on X that many still choose OpenAI or Anthropic.

The fallout from OpenAI’s exit and Meta’s investment is poised to disrupt the data-labeling industry, projected to reach $29.2 billion by 2032. Jason Droege, Interim CEO, Scale, in a blog post, maintained that its data governance remains independent, stating, “nothing has changed about our commitment to protecting customer data.”

Those reassurances may already be falling short. OpenAI, Bloomberg reported, had already been quietly scaling back its use of Scale’s services for months, citing a need for more specialized data.

OpenAI’s exit redraws the AI data landscape

Scale, which began as a data-labeling pioneer built on a global contractor base in countries like India and Venezuela, reported $870 million in revenue for 2024. But with major clients like Google, which spent $150 million last year, its future is uncertain.

The CEO of Handshake, a Scale competitor, told Time that demand for his company’s services “tripled overnight” in the wake of the Meta deal. The exodus reflects a fear among Meta’s rivals that proprietary data and research roadmaps could leak to a competitor through Scale’s services.

This realignment also exposed blind spots in enterprise AI contracts. Most lack robust “change-of-control” clauses or vendor conflict safeguards, leaving companies exposed when partners align with rivals. As Ipsita Chakrabarty, an analyst at QKS Group, noted, many contracts still rely on static accuracy metrics that crumble against real-world data drift. The result, she warned, is that companies may end up “outsourcing intelligence but retaining liability for failures.”

Yet Scale’s value remains in its elite trainer network (historians, scientists, PhDs) handling specialized tasks costing reportedly “tens to hundreds of dollars” per unit. While Meta’s non-voting stake avoided automatic antitrust review, regulators may still investigate the blurred line between influence and control. For now, the full implications will take months to unfold, as regulatory reviews, vendor transitions, and internal audits continue to reshape the AI data supply chain.

The new realities of AI development

As companies such as Google rush to build in-house data labeling capabilities, the industry faces a choice to repeat the mistakes of the cloud consolidation era of 2010-2015 or take a more open route.

“The AI race is causing vendor fragmentation in the short term, but I expect consolidation in the long term,” said Anushree Verma, senior director analyst at Gartner. “Vendors will struggle to scale their implementations if they continue with a fragmented approach. As a result, the need for interoperable ecosystems—supported by hybrid cloud collaboration and integration—will drive consolidation in this space.”

This resonates with IDC’s suggestion for “vendor-neutral ecosystems where data security, regulatory compliance, and open platforms take center stage,” a philosophy now clashing with the industry’s walled-garden reality.

For CIOs, this moment demands more than procurement checklists. Successful AI adoption requires baking in “change management, decision traceability, and human-AI interaction design” from day one, said QKS’ Chakrabarty.

The challenge now goes beyond compliance. It requires stress-testing AI ecosystems with the same urgency as applied to cloud and chip vulnerabilities. “The best approach,” according to IDC’s Giri, “is to evaluate capabilities independently and avoid deep integration across the stack, because a monolithic system may lack the flexibility to keep up with tomorrow’s needs.”

Category: Hacking & Security

DuckDuckGo beefs up scam defense to block fake stores, crypto sites

Bleeping Computer - 19 June, 2025 - 14:00
The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and "scareware" sites. [...]
Category: Hacking & Security

Telecom giant Viasat breached by China's Salt Typhoon hackers

Bleeping Computer - 19 June, 2025 - 13:54
Satellite communications company Viasat is the latest victim of China's Salt Typhoon cyber-espionage group, which has previously hacked into the networks of multiple other telecom providers in the United States and worldwide. [...]
Category: Hacking & Security

Microsoft to cut thousands more jobs, mainly in sales

Computerworld.com [Hacking News] - 19 June, 2025 - 13:50

Microsoft is set to cut thousands of jobs, mainly in sales, amid growing fears that AI advances are accelerating the replacement of human roles across the industry, Bloomberg reports.

The cuts follow a previous round in May, which saw approximately 6,000 roles eliminated.

Microsoft has been ramping up its AI investments to strengthen its position as enterprises across industries rush to integrate the technology into their operations.

Earlier this year, the company announced plans to spend around $80 billion in fiscal 2025, largely on building data centers to support AI training and cloud-based applications.

Adding to industry unease, Amazon CEO Andy Jassy said this week that generative AI and AI agents are expected to shrink the company’s corporate workforce over time.

AI or other factors?

AI is being used as an excuse for layoffs this year, but there may be more to it than what meets the eye.  

“One, we are still rebalancing employee counts from the over-hiring of the past decade,” said Hyoun Park, CEO and chief analyst of Amalgam Insights. “Tech companies were hiring with the assumption that they would grow at ridiculous rates that have not come to pass. Also, some tech companies think they can simply get rid of salespeople, especially in cash-cow industries where renewals seem to come in with little to no effort. Whether that is actually true or not, we are about to find out.”

The job cuts may also signal concerns about the near-term revenue potential of AI, Park said. While Microsoft is under pressure to invest heavily in AI to sustain its stock valuation, it may be turning to short-term operating expense reductions to support its financial performance.

“The planned $80 billion investment in AI infrastructure is especially interesting because those numbers assume a massive number of people will adopt Microsoft-related AI products,” Park said. “Are 50 million+ people willing to pay an additional amount on Microsoft products to support AI? That is a massive bet that has been completely unjustified by the current AI market today.”

Others point out that the company is betting on a long-term inflection in enterprise workload patterns driven by GenAI, but current adoption patterns remain volatile.

“Reports of Microsoft pausing or renegotiating data center leases reflect a prudent but necessary response to these uncertainties,” said Sanchit Vir Gogia, chief analyst and CEO at Greyhound Research. “If workloads fail to scale or regulatory barriers increase, Microsoft, and by extension, other hyperscalers, could face underutilized infrastructure, prompting pricing recalibrations or service tier stratification.”

Changing sales environment

The focus on sales roles in the planned cuts is notable, with analysts saying it reflects a broader shift in how enterprise sales functions are evolving.

“The rise of AI copilots, telemetry-rich self-service portals, and data-driven journey mapping is reducing the need for large in-region sales teams,” Gogia said. “Microsoft’s realignment is part of a broader pattern also visible in Amazon, Google, and Salesforce.” However, while AI can personalize interactions at scale, it lacks the relational depth required in strategic deal-making, compliance negotiation, and multi-stakeholder orchestration, Gogia added.

Category: Hacking & Security

How to fix a Windows black screen

Computerworld.com [Hacking News] - 19 June, 2025 - 12:00

The “black screen” phenomenon in Windows 10 and Windows 11 shows poignantly how nothing sometimes matters quite a lot. Seeing nothing except a black screen where the desktop and its applications normally appear is disconcerting for users, because they literally can’t see what the PC is — or isn’t — doing.

When experienced Windows users encounter a black screen, they know at least two things immediately. First, they know that something is wrong with their PC. And second, because nothing (or nothing much) is visible, they can surmise that the graphics subsystem is likely involved, based on the absence of information on display.

That’s a good start, but what users really want is to get their desktop back. In this story I’ll guide you through the different types of black screen in Windows 10 and 11, and the surest methods I’ve found to fix them.

[ Dealing with a Windows blue screen instead of a black screen? See “What to do when Windows won’t boot.” ]

Two kinds of black screen, one subtle difference

Windows cognoscenti recognize two different types of black screen for both Windows 10 and 11. The first is a black screen, plain and simple. This means the screen is completely dark with nothing at all showing. Zip, zero, nada.

If you see a completely black screen, it’s worth checking to see if the PC is actually powered on. Sometimes when Windows shuts down, it kills the power, too — in which case the fix could be as simple as powering and booting up the device. (Or not.)

The second type is what’s called a “black screen with cursor.” Just as it sounds, this means that the display is completely black, except that the mouse cursor is shown on that black background. Often, the cursor will track mouse movement even though it’s mousing over a completely black screen. The image at the top of the story shows this second kind of black screen.

In my personal experience, the black screen with cursor occurs far more frequently than a black screen by itself (no cursor). I’ve found that two causes are the most likely culprits when a black screen with cursor appears.

The first is a failure of the graphics subsystem to interact with the display upon waking from sleep. The second is a problem with the graphics driver itself, the special software that interacts with the display on behalf of the graphics subsystem inside the OS to render pixels on the screen.

The presence of a cursor that responds to mouse movement — as it often will — is actually a good sign. It indicates that the OS is still working (at least to some extent) behind the scenes. It also shows that the mouse driver can still track cursor position onscreen. This means that there’s a very good chance that the desktop can be restored to normal operation using a few well-known key combinations.

Two keyboard combos can (often) restore normal operations

Even if there’s no cursor present, it’s worth trying these key combinations as a first and second step. Both combos involve pressing multiple keys simultaneously. This usually means using one finger to depress the first key and holding it down, using a second finger to depress the second key and doing likewise, then more of the same for a third key, and so on.

Combo 1: Restart the graphics driver

This four-key combination tells Windows to stop, then restart any and all graphics drivers that happen to be running. Most Windows systems use only a single graphics driver, but those with multiple graphics cards (or perhaps a graphics card plus the CPU’s graphic chipset) and multiple displays may have multiple drivers running.

This keyboard combo reads: Windows key + Ctrl + Shift + B. I usually do the first three keys with my left hand, then press the B key with my right forefinger while the others remain depressed.

If you see immediate disk activity (from a disk activity indicator), that’s a good sign. Sometimes the screen will return to normal operation a few seconds later, showing that the driver has reloaded and is now running successfully. Sometimes, nothing else will happen after the disk activity light ceases flashing. That signals it’s time to try the second combo.

Combo 2: The three-fingered salute

This is a familiar key combo to longtime Windows (and even DOS) users. It reads: Ctrl + Alt + Delete.

It’s notorious to those who’ve been using Microsoft OSes for a long time (since the mid-’90s or earlier), because it used to forcibly reboot the OS when struck. Starting with Windows 95 (and Windows NT version 3.5), this key combination now invokes the secure sign-in screen shown in Figure 1 below.

Figure 1: Ctrl-Alt-Del invokes the Windows secure sign-in screen on both Windows 10 and 11.

Ed Tittel / Foundry

Even when the preceding combo gets the graphics driver going, it sometimes still won’t light up the screen. And sometimes when that’s the case, this key sequence will repaint the screen to show you the secure log-in options.

What this screen capture doesn’t show is the power buttons at the lower right, with networking, ease of access, and power controls (shut down, restart, and so forth) from left to right. If this screen does appear, click Cancel, and your desktop may reappear in working order.

What if the screen stays black?

If the cursor is absent, these key combos often won’t help — and sometimes they don’t help even when the cursor is present. In such cases, there’s really only one thing to do next: forcibly power off the affected PC. For most devices, this means holding down the power button until the PC shuts down. On desktop PCs with a discrete power supply (aka PSU), you may have to power that PSU off, wait 30 seconds, then power it back on to get the same effect.

A minority of devices may have the power button action redefined so that the PC keeps running despite this action. In that case, it may be necessary to disconnect the PC from its power source. For laptops, this may also mean waiting until the battery runs completely down (or disconnecting the battery, on PCs that permit this).

For most PCs, a subsequent restart will return the device to normal operation — including a working graphics subsystem with no black screen. If the screen remains black despite all these efforts, additional troubleshooting is needed.

I will now briefly describe additional troubleshooting techniques that may or may not lead to a working system. The further you must go down this list of options, the more likely it is that a hardware failure of some kind is involved.

For desktops, this may mean you need to replace an external graphics card (or the CPU or motherboard if a built-in CPU graphics chipset is in use). For laptops, it may mean replacing the motherboard or making a trip to a repair depot, assuming that the problem device is still covered under some kind of service or repair contract.

The troubleshooting sequence for persistent black screens

1. Try a different display. Perhaps the graphics circuitry is indeed working. (This is possible if the disk activity light runs for a while after restart, but the screen remains black.) Plugging in an alternate display may work, in which case troubleshooting has just identified the display rather than the GPU or graphics chipset, and associated drivers, as the culprit.

2. Boot into Safe Mode for various checks. This requires access to bootable Windows 10 or 11 recovery media. (I describe how to build such media near the end of another Computerworld story: “How to repair Windows 10 or 11 in 4 steps.”) If the PC will boot to recovery media and the display works, congratulations! You’ve just established that something is wrong with the normal boot image for Windows on the affected PC.

You can try a boot repair utility (I like the “Fix Windows Boot Problems” tool on Macrium Reflect Free’s Rescue Media) or get some repair ideas from the afore-cited “How to repair…” article. If the PC retains its black screen, it’s pretty conclusive that something is wrong with the GPU or built-in graphics circuitry. Proceed to Step 3.

3. Try different graphics circuitry. Though this troubleshooting technique can also serve as a repair, it depends on a USB 3 external GPU to see if the internal GPU or graphics circuitry isn’t working. If you can plug such a USB device into the affected PC, and then graphics work when a display is hooked up to the device, you’ve just demonstrated where the problem lies. That problem must now be addressed. Proceed to step 4.

(Don’t have a USB 3 external GPU for testing/troubleshooting? See this Newegg search for some good potential USB 3-based candidates, many of which are available in the $60 to $100 range for HDMI, DisplayPort, and DVI displays.)

4. Replace the graphics hardware. It’s up to you (and prevailing service contract arrangements) whether this is a DIY exercise or if it involves turning the PC over to a repair shop or a designated, official repair outlet for an OEM or maker. But some way, somehow the graphics hardware must be replaced. For some laptops, especially older ones, this may mean that outright device replacement, rather than repair, is the best option.

Nobody wants to see a black screen on Windows

If you (or one of your users) does encounter this particular phenomenon, you should now have a pretty good idea of how to address it. In most cases, reloading the graphics driver or restarting the PC will do the trick. In other cases, there’s no choice except to work through the standard troubleshooting sequence as outlined above.

If you’re really, really lucky, a quick dive into the Windows Reliability Monitor can reveal the same kind of error details shown in Figure 2 below, which started appearing in Windows 10 with version 2004. Prior to that release, black-screen errors went mostly unacknowledged in Windows error reporting.

Figure 2: Note the black screen mention in the Bucket ID info at bottom of the error detail.

Ed Tittel / Foundry

This particular image comes from Windows 11 22H2 (as you can see from the beginning of the build number, 10.0.22621). The Bucket ID includes the string “CreateBlackScreenLiveDump” — that’s your indicator that the OS snagged a black screen error on your behalf.

This story was originally published in November 2020 and updated in June 2025.

Category: Hacking & Security

Krispy Kreme says November data breach impacts over 160,000 people

Bleeping Computer - 19 June, 2025 - 11:59
U.S. doughnut chain Krispy Kreme confirmed that attackers stole the personal information of over 160,000 individuals in a November 2024 cyberattack. [...]
Category: Hacking & Security

Ryuk ransomware’s initial access expert extradited to the U.S.

Bleeping Computer - 19 June, 2025 - 08:05
A member of the notorious Ryuk ransomware operation who specialized in gaining initial access to corporate networks has been extradited to the United States. [...]
Category: Hacking & Security

Pro-Israel hackers hit Iran's Nobitex exchange, burn $90M in crypto

Bleeping Computer - 18 June, 2025 - 23:56
The pro-Israel "Predatory Sparrow" hacking group claims to have stolen over $90 million in cryptocurrency from Nobitex, Iran's largest crypto exchange, and burned the funds in a politically motivated cyberattack. [...]
Category: Hacking & Security

North Korean hackers deepfake execs in Zoom call to spread Mac malware

Bleeping Computer - 18 June, 2025 - 22:37
North Korean advanced persistent threat (APT) 'BlueNoroff' (aka 'Sapphire Sleet' or 'TA444') are using deepfake company executives during fake Zoom calls to trick employees into installing custom malware on their computers. [...]
Category: Hacking & Security

Sam Altman: Meta tried to lure OpenAI employees with billion-dollar salaries

Computerworld.com [Hacking News] - 18 June, 2025 - 22:27

After reports suggested Meta has tried to poach employees from OpenAI and Google Deepmind by offering huge compensation packages, OpenAI CEO Sam Altman weighed in, saying those reports are true. He confirmed them during a podcast with his brother Jack Altman.

“There have been huge offers to a lot of our team,” said Sam Altman, “like $100 million in sign-on bonuses, more than that in annual compensation.”

According to Altman, the recruitment attempts have largely failed. “I’m really glad that, at least so far, none of our best people have chosen to take it.”

Sam Altman says he thinks it’s because employees have decided that OpenAI has a better chance of achieving artificial general intelligence, AGI, than Meta. It could also be because they believe that OpenAI could one day be a higher-valued company than Meta.

Category: Hacking & Security

Hackers lean into social engineering to attack Apple security — Jamf

Computerworld.com [Hacking News] - 18 June, 2025 - 19:59

Every Mac, iPhone, or iPad user should do everything they can to protect themselves against social engineering-based phishing attacks, a new report from Jamf warns. In a time of deep international tension, the digital threat environment reflects the zeitgeist, with hackers and attackers seeking out security weaknesses on a scale that continues to grow. 

Based on extensive research, the latest edition of Jamf’s annual Security 360 report looks at security trends on Apple’s mobile devices and on Macs. It notes that we’ve seen more than 500 CVE security warnings on macOS 15 since its launch, and more than 10 million phishing attacks in the last year. The report should be on the reading list of anyone concerned with managing Apple’s products at scale (or even at home).

Security begins at home

With phishing and social engineering, protecting personal devices is as important as protecting your business machines. According to Jamf, more than 90% of cyberattacks originate from social engineering attacks, many of which begin by targeting people where they live. Not only that, but up to 2% of all the 10 million phishing attacks the company identified are also classified as zero-day attacks — which means attacks are becoming dangerously sophisticated.

This has become such a pervasive problem that Apple in 2024 actually published a support document explaining what you should look for to avoid social engineering attacks. Attackers are increasingly creative, pose as trusted entities, and will use a combination of personal information and AI to create convincing attacks. They recognize, after all, that it is not the attack you spot that gets you, it’s the one you miss.

Within this environment, it is important to note that 25% of organizations have been affected by a social engineering attack — even as 55% of mobile devices used at work run a vulnerable operating system and 32% of organizations still have at least one device with critical vulnerabilities in use across their stack. (The latter is a slight improvement on last year, but not much.)

The nature of what attackers want also seems to be changing. Jamf noticed that attempts to steal information are surging, accounting for 28% of all Mac malware, which suggests some degree of surveillance is taking place. These info-stealing attacks are replacing trojans as the biggest threat to Mac security. The environment is similar on iPhones and iPads, all of which are seeing a similar spike in exploit attempts, zero-day attacks, and convincing social-engineering-driven moves to weaponize digital trust.

The bottom line? While Apple’s platforms are secure by design, the applications you run or the people you interact with remain the biggest security weaknesses the platform has. Security on any platform is only as strong as the weakest link in the chain, even while attack attempts increase and become more convincing and complex. 

Defense is the best form of defense

Arnold Schwarzenegger allegedly believes that one should not complain about a situation unless you are prepared to try to do something to make it better. “If you see a problem and you don’t come to the table with a potential solution, I don’t want to hear your whining about how bad it is,” he says.

With that in mind, what can you as a reader do today to help address the growing scourge of Apple-focused malware? Here are some suggestions from Jamf:

  • Update devices to the latest software.
  • Protect devices with a passcode.
  • Use two-factor authentication and strong passwords to protect Apple accounts.
  • Install apps only from the App Store.
  • Use strong and unique passwords online.
  • Don’t click on links or attachments from unknown senders.

And, of course, don’t use older, unprotected operating systems or devices — certainly not when handling critical or confidential data.

Layer up, winter is coming

Organizations can build on these personal protections, of course. Apple devices need Apple-specific security solutions, including endpoint management solutions; enterprises should adopt device management; and they should prepare for the inevitable attacks by fostering a positive, blame-free culture for incident reporting and by eliminating inter-departmental siloes. Investment in staff training is important, too. 

It is also important to understand that in a hybrid, multi-platform, ultra mobile world there is no such thing as strict perimeter security anymore. That’s why it is essential to secure endpoints and implement zero-trust. It’s also why it is important to adopt a new posture toward security — there is no single form of effective security protection. At best, your business security relies on layers of protection that together form an effective and flexible security defense.

Category: Hacking & Security