惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Hacker News: Ask HN
Hacker News: Ask HN
N
News and Events Feed by Topic
Forbes - Security
Forbes - Security
The Last Watchdog
The Last Watchdog
TaoSecurity Blog
TaoSecurity Blog
Schneier on Security
Schneier on Security
SecWiki News
SecWiki News
V
Vulnerabilities – Threatpost
Project Zero
Project Zero
O
OpenAI News
W
WeLiveSecurity
Security Archives - TechRepublic
Security Archives - TechRepublic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
H
Hacker News: Front Page
Cisco Talos Blog
Cisco Talos Blog
Spread Privacy
Spread Privacy
Help Net Security
Help Net Security
P
Privacy & Cybersecurity Law Blog
K
Kaspersky official blog
S
Security @ Cisco Blogs
Latest news
Latest news
AWS News Blog
AWS News Blog
U
Unit 42
Martin Fowler
Martin Fowler
阮一峰的网络日志
阮一峰的网络日志
S
Secure Thoughts
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Know Your Adversary
Know Your Adversary
Scott Helme
Scott Helme
博客园 - 司徒正美
B
Blog RSS Feed
C
Check Point Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
D
Docker
Google Online Security Blog
Google Online Security Blog
Jina AI
Jina AI
aimingoo的专栏
aimingoo的专栏
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Last Week in AI
Last Week in AI
月光博客
月光博客
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
SegmentFault 最新的问题
NISL@THU
NISL@THU
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
Attack and Defense Labs
Attack and Defense Labs
小众软件
小众软件

Enterprise – Silicon Republic

Commission refers Ireland to CJEU for failing to enact cyber rules Cloudflare to block AI crawlers from ad-supported webpages by default Google ordered to pay Klarna nearly $2bn in abuse-of-power row Upcoming iPhone 18 model leaked in Tata Electronics hack Data breaches going unreported – Irish compliance survey Cybersecurity warning for Irish businesses ahead of EU Presidency Dublin's TensorX to partner with Solstice on sovereign European AI Irish Internet Hotline named Trusted Flagger under EU Digital Services Act Don't panic, prepare: A cyber expert's advice on the Mythos hype Day-to-day cyber incidents driving loss for SMEs, finds report Anthropic to reassess Claude Fable 5 AI development restrictions after backlash Anthropic rolls out ‘Mythos-like’ AI model Claude Fable 5 EMEA firms underestimating 'routine risks', finds cyber report More than 20,000 Instagram accounts hacked using Meta AI bug Report: Irish firms cut cybersecurity spend despite rising risks TCS launches sovereign cloud offering in Europe ECB urging action on AI from lenders’ IT departments Hackers access GitHub, download codebase in Grafana Labs breach Europe's public sector deploying AI faster than it can manage – report UK watchdog probes Microsoft over interoperability issues Foxconn confirms cyberattack on North American facilities Clear gap between AI expectations and preparedness, finds report Canvas parent settles with hacker group that stole user data ShinyHunters demands ransom after Canvas hack EU agrees to simpler AI rules and complete ‘nudification’ ban What’s the difference between IT and OT security? Opinion: Why ISO 27001 alone won't save your data from itself Report: Medical device cyberattacks on the rise AI race intensifies with Google's new agent management platform Anthropic probing reported Mythos leak on Discord Nearly 75pc of AI’s economic value captured by just 20pc of companies Anthropic’s Mythos to bolster cybersecurity at UK banks The death of ETL: Is zero-copy a ‘liberation’ for data teams? After Anthropic, OpenAI launches cyber-specific AI model The Interview: Dentons' Carlo Salizzo on three forces defining digital law Anthropic's Mythos a game-changer, NCSC chief tells Oireachtas Mythos just first of power models to come: Anthropic co-founder New XP95 hacker group targets Dublin recruitment platform Healthdaq OpenAI apps for MacOS exposed by threat Mythos testing begins as governments raise cyber concerns Anthropic's Glasswing project employs Mythos to prevent AI cyberattacks Is your data integrity framework just a fancy spreadsheet? Ireland begins digital wallet testing and consultation How is Australia working to make data centres more sustainable? China's DeepSeek suffers rare outage lasting several hours ShinyHunters claims responsibility for European Commission breach Security first: Why cybersecurity needs to adapt in the age of AI iOS hacking tool 'DarkSword' leaked on GitHub China’s Alibaba could launch Qwen for enterprise this week Stryker's Cork site hit by global cyberattack Office.eu and the hope for a digitally sovereign Europe How fully homomorphic encryption is reshaping secure AI Major phishing operation disrupted in joint Europol action Pure Storage, now Everpure, to acquire 1touch Hacker used commercial AI to breach 600 firewalls: AWS Why cloud strategies are pivoting from reaction to precision ‘Complexity is where cyber risk tends to grow’ ‘In cyber, bridging the gap between the server room and boardroom is crucial’ AWS expanding in Belgium, Netherlands and Portugal, amid sovereign cloud launch
Hacking tool with possible US origins targets outdated iPhones
Suhasini Srinivasaragavan · 2026-03-04 · via Enterprise – Silicon Republic

iPhone users should update their device to the latest iOS version to protect against such exploits.

Outdated iPhones are being targeted by a new and powerful exploit kit called ‘Coruna’, with potential nation-state origins.

According to Google Threat Intelligence Group (GTIG), Coruna targets iPhone models running iOS versions from 13.0 up to 17.2.1.

iVerify said Coruna is a significant example of spyware tech going from commercial surveillance vendors to nation-state actors, and then to mass-scale criminal operations, while also linking the exploit toolkit’s origins to the US government.

The exploit kit infects outdated iPhones visiting certain websites. It does not contain any specific targeting or one-time links, according to iVerify, meaning anyone who visited such a website while running a vulnerable iOS version could get infected, and also get re-infected multiple times.

“This is not typical for targeted attacks used by nation-states, but rather e-criminal groups,” noted iVerify.

The toolkit is “highly sophisticated, took millions of dollars to develop, and it bears the hallmarks of other modules that have been publicly attributed to the US government”, iVerify co-founder Rocky Cole said in a statement.

“This is the first example we’ve seen of very likely US government tools – based on what the code is telling us – spinning out of control and being used by both our adversaries and cybercriminal groups,” he added. iVerify also said that this is the first time mass exploitation against iOS devices has been observed amongst the public.

According to GTIG, Coruna’s threat lies in its comprehensive collection of iOS exploits, with the most advanced tools using non-public exploitation techniques and mitigation bypasses.

In one instance, GTIG observed that the toolkit was used by a suspected Russian espionage group to target Ukrainian users, while later, it was being used by a financially motivated threat actor operating from China.

How the toolkits are shared is unclear, GTIG said, while noting the possible existence of an “active market for ‘second-hand’ zero-day exploits”.

The Coruna exploit kit is only effective against older iOS versions, and iPhone users should update their device to the latest iOS version to protect against such exploits.

GTIG suggests using ‘Lockdown Mode’ in cases where the iPhone model is old and cannot update to the latest version. However, for most regular consumers, the highly restrictive Lockdown Mode is unnecessary.

Last month, Amazon Web Services highlighted how commercial AI is being used by “unsophisticated” criminals to scale cyberattacks on enterprises.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.