Apple Patches Vulnerabilities in Older iPhones and iPads Against Coruna Exploits
In a recent move to bolster the security of its older iOS devices, Apple has released a batch of security updates aimed at patching vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit. These updates are crucial, as they address multiple exploit chains used in zero-day attacks that can help attackers escalate permissions to Kernel privileges or gain remote code execution on vulnerable devices.
The list of vulnerabilities addressed by these backported security patches includes CVE-2023-43010, a WebKit flaw, as well as other critical security issues that have been previously addressed in updates for newer iOS device models. Some of these updates were released in September 2023 and target specific security flaws in the iOS 15.8.7/16.7.15 and iPadOS 15.8.7/16.7.15 operating systems.
The Coruna exploit kit has been widely used by multiple threat groups since February 2025, including a suspected Russian state-backed hacking group (UNC6353), a surveillance vendor customer, and a financially motivated Chinese threat actor (UNC6691). In the case of UNC6691, the threat actor was spotted deploying the exploit kit on fake gambling and crypto websites to deliver malware payloads that stole cryptocurrency wallets from infected victims' devices.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three of the 23 vulnerabilities targeted by Coruna to its catalog of Known Exploited Vulnerabilities. CISA has also ordered Federal Civilian Executive Branch (FCEB) agencies to patch their iOS devices by March 26, as mandated by the Binding Operational Directive (BOD) 22-01. This directive emphasizes the importance of addressing vulnerabilities in the federal enterprise to prevent malicious cyber attacks.
Furthermore, Apple has also fixed a zero-day vulnerability (CVE-2026-20700) exploited in an "extremely sophisticated attack" targeting specific individuals and allowing threat actors to execute arbitrary code on compromised devices. The vulnerability was reported by Google's Threat Analysis Group, but no details about how the vulnerability was exploited were provided.
In light of these updates, it is essential for users of older iOS devices to apply the patches released by Apple as soon as possible. This will help prevent the exploitation of these vulnerabilities and minimize the risk of falling victim to cyber attacks.
In conclusion, Apple's recent release of security updates to patch vulnerabilities in older iPhones and iPads against Coruna exploits is a significant step towards improving the security of its devices. By addressing multiple exploit chains and zero-day vulnerabilities, Apple is helping to protect its users from the latest cyber threats.