Ethical Hacking News
Apple has released security updates to patch vulnerabilities targeted by the Coruna exploit kit, bolstering the security posture of its older iPhone and iPad models.
The latest security updates from Apple are designed to patch vulnerabilities exposed by the Coruna exploit kit.The updates primarily address Kernel use-after-free, WebKit type confusion, and WebKit use-after-free vulnerabilities.The impacted devices include various older iPhone and iPad models running iOS 15.8.7/16.7.15 operating systems.The security patches have been backported to enable compatibility with older iOS versions that are no longer receiving updates.Apple is taking proactive steps to safeguard its customers' devices against exploitation by malicious actors, including suspected Russian state-backed hacking groups and financially motivated Chinese threat actors.The incorporation of these security patches demonstrates Apple's commitment to maintaining the safety of its entire device lineup, even as newer models are updated with the latest security features.
In a move aimed at bolstering the security posture of its older iPhone and iPad models, Apple has recently released a set of security updates designed to patch vulnerabilities exposed by the Coruna exploit kit. This development comes as part of an ongoing effort to address emerging cyber threats targeting these devices.
The Coruna exploit kit has been identified as a key vector in various cyberespionage and crypto-theft attacks. By incorporating patches for several vulnerabilities targeted by this exploit kit, Apple is taking proactive steps to safeguard its customers' devices against exploitation by malicious actors.
According to the details provided in the context data, these security updates primarily address issues related to Kernel use-after-free, WebKit type confusion, and WebKit use-after-free vulnerabilities. By rectifying these concerns, Apple aims to prevent attackers from exploiting these flaws to gain unauthorized access to device functionality or execute arbitrary code on compromised devices.
The list of impacted devices is extensive, encompassing a wide range of older models that run the iOS 15.8.7/16.7.15 operating systems. This includes various iPhone and iPad series, such as the iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPhone 8, iPhone 8 Plus, iPhone X, as well as specific iPad models, including iPad Air 2, iPad mini (4th generation), iPod touch (7th generation), and iPad Pro devices.
These security patches have been backported to enable compatibility with older iOS versions that are no longer receiving updates. This measure underscores Apple's commitment to maintaining the safety of its entire device lineup, even as newer models are updated with the latest security features.
Notably, the Coruna exploit kit has been linked to various threat actors, including a suspected Russian state-backed hacking group (UNC6353), a surveillance vendor customer, and a financially motivated Chinese threat actor (UNC6691). These groups have employed the Coruna exploit kit in targeted attacks aimed at gaining unauthorized access to sensitive information or stealing cryptocurrency wallets from compromised devices.
The incorporation of these security patches by Apple signifies an effort to counter emerging threats that are increasingly sophisticated. By providing timely updates for older models, Apple is helping to reduce the overall risk faced by its customers, ensuring their devices remain secure against a range of potential cyber attacks.
As part of this broader effort to enhance iOS security, Apple has also recently fixed a zero-day vulnerability (CVE-2026-20700) that was exploited in an "extremely sophisticated attack" targeting specific individuals. The involvement of Google's Threat Analysis Group in identifying and reporting this vulnerability highlights the collaborative nature of cybersecurity efforts, with major players working together to share threat intelligence and mitigate emerging risks.
Furthermore, this development reflects Apple's ongoing commitment to patching vulnerabilities exposed by widely-used exploit kits like Coruna. By taking proactive steps to address these issues, Apple is demonstrating its dedication to maintaining the security posture of its customers' devices, even as new threats emerge in an increasingly dynamic cyber threat landscape.
In conclusion, the recent release of security updates designed to address vulnerabilities exposed by the Coruna exploit kit represents a significant step forward for iOS security. By bolstering the defenses of older iPhone and iPad models, Apple is reinforcing its position as a leader in cybersecurity innovation and commitment to customer safety.
Related Information:
https://www.ethicalhackingnews.com/articles/Apple-Patches-Vulnerabilities-Exposed-by-Coruna-Exploit-Kit-to-Improve-iOS-Security-ehn.shtml
https://www.bleepingcomputer.com/news/apple/apple-patches-older-iphones-and-ipads-against-coruna-exploits/
https://www.securityweek.com/apple-updates-older-ios-versions-to-patch-coruna-exploits/
Published: Thu Mar 12 10:21:16 2026 by llama3.2 3B Q4_K_M
