"This toolkit, which packs 23 individual exploits organized into five complete attack chains, has been quietly circulating in the cyber underground, enabling hackers to compromise iPhones running versions from iOS 13.0 (launched in September 2019) up to 17.2.1 (released in December 2023). The experts warned that its advanced techniques mark it as one of the most potent mobile threats observed in recent years."
"The Coruna kit's origins trace back to commercial surveillance vendors, where it was initially deployed for targeted monitoring operations. From there, it proliferated to nation-state actors, with evidence linking it to espionage campaigns, including Russia-linked attacks against Ukraine. The toolkit has since fallen into the hands of China-linked financially driven cybercriminals, who have repurposed it for large-scale fraud schemes."
"With Coruna, attackers can achieve remote code execution on vulnerable devices. Once inside, they gain full system access, allowing the installation of persistent malware. Apple has patched the underlying vulnerabilities in iOS updates released over the past two years, and it has now also decided to release fixes for users who cannot update to the latest version."
Apple published security advisories addressing the Coruna exploit kit, a sophisticated toolkit disclosed by Google and iVerify researchers in March 2026. Coruna contains 23 individual exploits organized into five attack chains, enabling mass exploitation of iPhones running iOS versions 13.0 through 17.2.1. Originally developed by commercial surveillance vendors, the toolkit has proliferated to nation-state actors and cybercriminals, with documented use in espionage campaigns and fraud schemes. The exploits enable remote code execution and full system access, allowing persistent malware installation. Apple released patches for iOS and iPadOS 15.8.7, addressing four critical vulnerabilities including kernel and WebKit flaws that attackers could exploit.
#apple-security-updates #coruna-exploit-kit #ios-vulnerabilities #mobile-malware #cybersecurity-threats
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]