BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Apple Patches Coruna Exploit in Older iPhones

Apple backports critical security fixes for older iPhones patching exploited Coruna malware.

  • Apple has backported critical security fixes to older iPhones and iPads to patch a WebKit flaw exploited by the sophisticated Coruna malware kit.
  • The Coruna exploit framework contains 23 exploits designed to target iPhones running iOS versions 13.0 through 17.2.1.
  • Researchers note that two exploits within Coruna target the same vulnerabilities used in the high-profile Operation Triangulation campaign.
  • Evidence suggests Coruna was likely designed by U.S. military contractor L3Harris and may have been sold to a Russian broker.

On March 12, 2026, Apple released emergency security updates for several older iPhone and iPad models to counter a sophisticated exploit kit. The move backported patches for a critical vulnerability, CVE-2023-43010, which was being actively used by the Coruna framework.

- Advertisement -

This flaw, a memory corruption bug in WebKit, was originally fixed in late 2023. Consequently, the latest updates extend protection to devices like the iPhone 6s and original iPad Air that cannot run the newest iOS versions.

The backported iOS 15.8.7 update also includes fixes for three other flaws linked to Coruna, including a kernel privilege escalation bug, CVE-2023-41974. Meanwhile, Google recently revealed the exploit kit contains 23 exploits across five chains targeting a wide range of iOS versions.

Researchers at iVerify are tracking the malware, noting its similarities to frameworks developed by U.S. government-affiliated actors. Furthermore, reports indicate Coruna was likely designed by military contractor L3Harris.

An intriguing connection exists to the 2023 Operation Triangulation campaign. Specifically, Coruna weaponizes two of the same vulnerabilities used in that attack, according to Kaspersky.

- Advertisement -

However, attribution remains difficult. Boris Larin of Kaspersky GReAT stated, “Despite our extensive research, we are unable to attribute Operation Triangulation to any known APT group or exploit development company.” He emphasized that sharing exploited vulnerabilities does not confirm shared code.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

SK Hynix ADR gains vanish in under a day

SK Hynix's ADRs rose 12.7% on Nasdaq debut Friday but the entire gain was...

Binance futures hit 2026 high as spot market lags

Binance recorded $1.6 trillion in futures trading volume in June, its highest level of...

CISA adds two critical Joomla extension flaws to KEV list

U.S. CISA added two maximum-severity Joomla extension flaws to its Known Exploited Vulnerabilities (KEV)...

Russia, India push de-dollarization to hit $100 billion trade target

Russia and India are accelerating a bilateral trade deal to reach a $100 billion...

AI freelancers could drive $262B in stablecoin payments by 2033

Swyftx projects that $262 billion of the AI-native gig economy's payment volume could be...

Must Read

Top 7 BEST Crypto Trading Bots for Beginners

QUICK NAVIGATIONQuick Look: Top 3 Best Crypto Trading BotsWhat Exactly is a Crypto Trading Bot?How I Chose These Trading BotsTop 7 Crypto Trading Bots...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading