ACCORDING to Jamf, the mobile device attack surface is wide, fragmented and not adequately controlled, with a dual focus on device state and adversarial activity. The report retrospects 2025 across more than 1.7 million devices in Jamf’s footprint and looks at threats drawn from global events and research.
It reveals sobering security failings: 53% of organisations had at least one device with a critically out-of-date operating system, 18% had employees connecting to risky hotspots, one in every 850 devices had been jailbroken, and 8% of devices had clicked on a phishing link. The report also notes app risks, finding that about 86% of 135 popular apps analysed on 31 December 2025 have known security flaws, with only 14% considered to have minimal risk.
A growing hazard is Shadow AI embedded in third‑party or even some official-store apps, silently entering the mobile estate. Adversarial activity is highlighted by noted spyware such as Predator, Pegasus, Graphite, Dante, Landfall and Spyrtacus, with Coruna and DarkSword already appearing in 2026.