Apple Patches Coruna Exploit in Older iPhones

On March 12, 2026, Apple released emergency security updates for several older iPhone and iPad models to counter a sophisticated exploit kit. The move backported patches for a critical vulnerability, CVE-2023-43010, which was being actively used by the Coruna framework.

This flaw, a memory corruption bug in WebKit, was originally fixed in late 2023. Consequently, the latest updates extend protection to devices like the iPhone 6s and original iPad Air that cannot run the newest iOS versions.

The backported iOS 15.8.7 update also includes fixes for three other flaws linked to Coruna, including a kernel privilege escalation bug, CVE-2023-41974. Meanwhile, Google recently revealed the exploit kit contains 23 exploits across five chains targeting a wide range of iOS versions.

Researchers at iVerify are tracking the malware, noting its similarities to frameworks developed by U.S. government-affiliated actors. Furthermore, reports indicate Coruna was likely designed by military contractor L3Harris.

An intriguing connection exists to the 2023 Operation Triangulation campaign. Specifically, Coruna weaponizes two of the same vulnerabilities used in that attack, according to Kaspersky.

However, attribution remains difficult. Boris Larin of Kaspersky GReAT stated, “Despite our extensive research, we are unable to attribute Operation Triangulation to any known APT group or exploit development company.” He emphasized that sharing exploited vulnerabilities does not confirm shared code.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Hyperliquid (HYPE) Defies Market Dip with 8% Daily Surge
• Burry Criticizes Palantir’s AI Reliance Amid Military Use Reports
• US Prosecutors Urge Judge to Deny SBF Retrial Bid
• Bitcoin Slips Below $70K, Analyst Predicts $10K Plunge
• Metaplanet Launches $25M Bitcoin Venture Fund in Japan