Apple Updates Legacy iOS Versions to Patch Coruna Exploits – Cyber Tech
Apple published new security advisories on Wednesday, informing iPhone and iPad users that updates are available for legacy versions of iOS and iPadOS to address the recently disclosed Coruna exploits.
In early March 2026, researchers from Google and iVerify disclosed the details of a sophisticated exploit kit dubbed Coruna. Described as ‘nation-state grade’, Coruna enables mass exploitation against Apple’s iOS ecosystem.
This toolkit, which packs 23 individual exploits organized into five full attack chains, has been quietly circulating in the cyber underground, enabling hackers to compromise iPhones running versions from iOS 13.0 (released in September 2019) up to 17.2.1 (released in December 2023).
The experts warned that its advanced techniques mark it as one of the most potent mobile threats seen in recent years.
The Coruna kit’s origins trace back to commercial surveillance vendors, where it was initially deployed for targeted monitoring operations. From there, it proliferated to nation-state actors, with evidence linking it to espionage campaigns, including Russia-linked attacks against Ukraine. The toolkit has since fallen into the hands of China-linked financially motivated cybercriminals, who’ve repurposed it for large-scale fraud schemes.
With Coruna, attackers can achieve remote code execution on vulnerable devices. Once inside, they gain full system access, allowing the installation of persistent malware.
Apple has patched the underlying vulnerabilities in iOS updates released over the past two years, and it has now also decided to release fixes for users who can’t update to the latest version.
Specifically, iOS and iPadOS 15.8.7 patch four vulnerabilities: CVE-2023-41974, CVE-2024-23222, CVE-2023-43000, and CVE-2023-43010. The first is a kernel issue, while the other three are WebKit flaws.
According to Apple, the kernel vulnerability can be exploited by a malicious app to execute arbitrary code with kernel privileges. A fix was initially rolled out in iOS 17 in September 2023.
The WebKit vulnerabilities can be exploited for arbitrary code execution using specially crafted web content. Fixes for these security holes were initially rolled out by Apple in iOS 17.3 (CVE-2024-23222, January 2024), iOS 16.6 (CVE-2023-43000, July 2023), and iOS 17.2 (CVE-2023-43010, December 2023).
iOS and iPadOS 16.7.15 only address CVE-2023-43010.
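For fleet triage, the fix releases named in this article can be turned into a per-CVE check that respects release branches. This is an added example, not code from Apple or from the original article; the function names and the "unlisted" status (the article names no fix release for that major branch) are assumptions of the example.

```python
# Added example. Version numbers and CVE ids come from the article;
# function names and status labels are illustrative assumptions.
FIXES = {  # CVE -> releases the article names as containing the fix
    "CVE-2023-41974": ["17.0", "15.8.7"],             # kernel
    "CVE-2024-23222": ["17.3", "15.8.7"],             # WebKit
    "CVE-2023-43000": ["16.6", "15.8.7"],             # WebKit
    "CVE-2023-43010": ["17.2", "16.7.15", "15.8.7"],  # WebKit
}
TARGETED = ("13.0", "17.2.1")  # iOS range the kit targets, per the article


def parse(version):
    """'15.8.7' -> (15, 8, 7); short forms are zero-padded ('17' -> 17.0.0)."""
    parts = [int(p) for p in version.strip().split(".")]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected version string: {version!r}")
    return tuple(parts + [0] * (3 - len(parts)))


def cve_status(device, cve):
    """Return 'fixed', 'unpatched' or 'unlisted' for one CVE.

    A backport only covers its own major branch: 16.6 sorts above 15.8.7,
    but that says nothing about whether 16.6 carries the 15.8.7 fixes.
    """
    v = parse(device)
    fixes = sorted(parse(f) for f in FIXES[cve])
    if v >= fixes[-1]:  # at or past the newest release carrying the fix
        return "fixed"
    branch = [f for f in fixes if f[0] == v[0]]
    if branch:
        return "fixed" if v >= branch[0] else "unpatched"
    return "unlisted"  # article names no fix release for this branch


def triage(device):
    """Summarise one device: targeted-range membership and per-CVE status."""
    v = parse(device)
    lo, hi = (parse(x) for x in TARGETED)
    return {
        "in_targeted_range": lo <= v <= hi,
        "cves": {cve: cve_status(device, cve) for cve in FIXES},
    }


if __name__ == "__main__":
    # Constructed inventory, not real device data.
    for dev in ["15.8.6", "15.8.7", "16.6", "16.7.15", "17.2.1", "17.3"]:
        print(dev, triage(dev))
```

Devices that report "unlisted" for any CVE should be checked against Apple's own advisories for that branch, since this article does not say whether those fixes were backported there.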
While Google has confirmed seeing active exploitation and the cybersecurity agency CISA has added several of the Coruna flaws to its Known Exploited Vulnerabilities (KEV) catalog, Apple’s advisories don’t mention in-the-wild exploitation.
Apple typically specifies in its advisories if it’s aware of active exploitation.
