Jamf’s latest Security 360 report shows trojan detections now exceed half of all Mac malware incidents, up from roughly 17 % a year ago. The surge isn’t a broad trend; a single family dubbed Atomic Stealer dominates both the trojan and infostealer categories. Its dual classification forces analysts to rethink how macOS threats are grouped. This shift signals a new threat vector for macOS users.

Security Bite host Arin argues that the rise of Atomic Stealer blurs the line between traditional malware types, complicating detection for enterprise MDM solutions. With over 45,000 organizations relying on platforms like Mosyle to automate hardening and compliance, the convergence challenges existing signature‑based defenses and pushes vendors toward behavior‑based analytics. Such convergence also strains traditional quarantine workflows.

That 50% share of trojan detections now makes trojans the top macOS malware class, overtaking infostealers for the first time. For security teams, the takeaway is clear: protecting Macs requires tools that can flag hybrid behaviors, not just static families. As attackers merge functionalities, the industry’s defensive playbook must evolve accordingly. Enterprises that ignore this trend risk widespread credential theft.