惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Tenable Blog
P
Privacy International News Feed
L
LINUX DO - 热门话题
T
Threatpost
Latest news
Latest news
C
Cybersecurity and Infrastructure Security Agency CISA
Cisco Talos Blog
Cisco Talos Blog
Cyberwarzone
Cyberwarzone
Spread Privacy
Spread Privacy
Recent Announcements
Recent Announcements
C
CXSECURITY Database RSS Feed - CXSecurity.com
The Register - Security
The Register - Security
MongoDB | Blog
MongoDB | Blog
NISL@THU
NISL@THU
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
G
GRAHAM CLULEY
K
Kaspersky official blog
L
Lohrmann on Cybersecurity
V
Vulnerabilities – Threatpost
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Last Week in AI
Last Week in AI
Google DeepMind News
Google DeepMind News
Y
Y Combinator Blog
博客园 - 三生石上(FineUI控件)
WordPress大学
WordPress大学
H
Help Net Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
C
Cisco Blogs
Security Latest
Security Latest
博客园 - 叶小钗
博客园 - Franky
The Hacker News
The Hacker News
Engineering at Meta
Engineering at Meta
Scott Helme
Scott Helme
S
Securelist
The GitHub Blog
The GitHub Blog
云风的 BLOG
云风的 BLOG
博客园 - 【当耐特】
A
About on SuperTechFans
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园_首页
B
Blog RSS Feed
D
Darknet – Hacking Tools, Hacker News & Cyber Security
月光博客
月光博客
有赞技术团队
有赞技术团队
T
The Blog of Author Tim Ferriss
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
H
Hackread – Cybersecurity News, Data Breaches, AI and More
T
Tor Project blog
A
Arctic Wolf

Cyberwarzone

LinkedIn Sued Over Browser Extension Scanning Why Cyberwarfare Uses Ambiguity and Delayed Attribution as Pressure Why Cyberwarfare Pressures Trusted Access and Account Recovery Paths Why Cyberwarfare Keeps Pressuring Recovery Paths and Fallback Systems Why Cyberwarfare Keeps Pressuring Shared Service Providers Why Cyberwarfare Pressures Industry Clusters Why Cyberwarfare Turns Nearby Economies Into Spillover Zones Why Cyberwarfare Forces Firms to Scan Networks Early Why Cyberwarfare Targets Crisis Messaging Systems Why Cyberwarfare Keeps Pressuring Energy Networks Why Cyberwarfare Keeps Pressuring Communications Networks Why Cyberwarfare Keeps Pressuring Shipping and Logistics Networks Why Cyberwarfare Keeps Pressuring Banks and Financial Networks Why Endpoint Management Systems Are Becoming Cyberwarfare Choke Points Why Cyberwarfare Targets Healthcare and Medical Supply Chains Why Cyberwarfare Increasingly Exploits Trusted Civilian Apps Why Cyberwarfare Hits Civilian Companies First Critical Quest KACE SMA RCE (CVE-2025-32975) Under Attack Handala Rebounds After FBI Seizure, Exposing Iran Cyberwar Resilience Top 10 Cyber Escalation Risks Security Leaders Should Understand Top 10 Questions to Ask Before Calling an Incident Cyberwarfare Top 10 Cyber Deterrence Problems Security Leaders Should Understand Top 10 OT and ICS Risks in Modern Cyberwarfare Top 10 Cyberwarfare Doctrine Ideas Security Leaders Should Understand Top 10 Attribution Problems in State-Linked Cyber Operations Iran Cyberwar: Identity Systems Become the Target Iran Cyberwar Shifts to Spillover, Retaliation, and Control Top 10 Critical Infrastructure Sectors Most Exposed in Cyberwarfare Top 10 Below-Threshold Cyber Operations States Use Top 10 Differences Between Cyberwarfare and Cyber Espionage Top 10 Signs a Cyber Campaign Is Pre-Positioning for Future Conflict Top 10 Signs a CVE Needs Clear Closure Criteria Top 10 Signs a CVE Needs Proof of Remediation Top 10 Signs a CVE Needs a Risk Acceptance Review Top 10 Signs a CVE Needs Asset Owner Escalation Top 10 Signs a CVE Needs a Special Maintenance Window Top 10 Signs a CVE Needs Compensating Controls Before You Can Patch Top 10 Signs a CVE Needs a Staged Patch Rollout Top 10 Signs a CVE Is More Dangerous as Part of an Exploit Chain Top 10 CVE Sources Security Teams Should Check After Reading a CVE Top 10 CVE Fields Security Teams Should Review Before Patching Top 10 CVE Items Security Teams Should Patch First in 2026 Trivy Supply Chain Attack Spreads Infostealer, Worm, and Kubernetes Wiper via Docker Hub Hong Kong Police Can Demand Phone Passwords Under New Security Law North Korean Hackers Deploy StoatWaffle Malware via VS Code Projects FBI Seizes MOIS Leak Sites After Handala Attack Hit Hospitals Baghdad to Ras Laffan: Iran-Linked Strikes Widen the Regional War Dutch Police Employee Critical of Iranian Regime Shot in Schoonhoven Lebanon Death Toll Tops 1,000 as Israeli Bombardment Continues Pentagon Seeks $200 Billion for Iran War With No End Date in Sight Trump’s Pearl Harbor Remark Exposes Japan’s Iran War Dilemma Haifa Refinery Hit as Iran Expands Retaliation to Israeli Energy Sites Who Commands Iran Now After Larijani’s Killing? How to Report Remediation Progress to Leadership Which Vulnerability Remediation Metrics Matter Gulf Drug Supply Chains Strain as Hormuz Disruption Spreads LNG Buyers Scramble as Hormuz Disruption Hits Qatari Supply Routes Gulf Importers Reroute Supplies as Hormuz Disruption Spreads How to Run Emergency Change Approval for Security Patches EU Eases Gas Import Rules as Iran Crisis Threatens Hormuz Flows Gulf Producers Turn to Pipelines as Hormuz Shipping Risk Deepens How to Communicate During Emergency Patching Iran Warns Gulf Energy Sites to Evacuate After South Pars Strike Who Owns Vulnerability Remediation? Europe Signals Distance From Trump’s Iran War While Watching Hormuz What to Monitor After Emergency Patching to Catch Incomplete Fixes Gulf States Create Safe Sea Corridor as Hormuz Risk Rises How to Verify a Vulnerability Is Really Remediated EU Sanctions Chinese, Iranian Firms Over Cyberattacks When to Grant a Vulnerability Exception CISA Warns on Microsoft Intune After Stryker Cyberattack How to Validate Vulnerability Exposure Before You Escalate a Patch How to Write a Vulnerability Remediation SLA That Works 5 KEV Lessons That Show How Patch Prioritization Fails How to Build a KEV-Driven Patch Workflow Without Burning Out Your Team Greek Firms Scan Networks as Iran War Raises Cyberattack Risk KEV vs CVSS vs EPSS: Which Signal Should Drive Patch Priority? Top 10 Signs a CVE Needs Emergency Patching Top 10 MDR Tools for 2026: Compare Leading Providers Red Sea Risk Rises as Houthi Shipping Threat Looms Top 10 SOAR Tools for 2026: Compare Leading Platforms Top 10 XDR Tools for 2026: Compare Leading Platforms Hezbollah Readiness Grows as Lebanon Front Heats Up Top 10 EDR Tools for 2026: How to Compare Leading Platforms Top 10 SIEM Tools for 2026: How to Compare the Leading Platforms Airstrikes Target Iran’s Syria Logistics Corridor as Regional Proxy War Expands Drone and Rocket Attacks on U.S. Embassy Mark Sharp Escalation in Baghdad South Pars Gas Field Hit: Iran Warns of Gulf Energy Escalation Service Account Security: How to Control Privilege, Rotation, Ownership, and Trust Paths Incident Response Playbook: How to Triage, Contain, Investigate, and Recover Middle East war disrupts pharma air routes and raises risk of cancer drug shortages in Gulf Cisco Talos links UAT-9244 to TernDoor, PeerTime, and BruteEntry attacks on South American telecoms FortiGate devices exploited to steal service account credentials and breach networks Attack Surface Management: How to Find Exposed Assets, Prioritize Risk, and Reduce Drift CISA adds two actively exploited vulnerabilities to KEV catalog Meta disables 150,000 accounts linked to Southeast Asia scam centers CISA adds five actively exploited vulnerabilities to KEV catalog What Is Zero Trust? A Practical Guide to Identity, Access, and Network Segmentation INTERPOL operation takes down 45,000 malicious IPs and leads to 94 arrests ADNOC loading still halted at Fujairah after drone strike as Iran war disrupts UAE export corridor
Apple updates older iPhones and iPads for WebKit flaw exploited in Coruna spyware attacks
2026-03-16 · via Cyberwarzone

Apple has released iOS 15.8.7 and iPadOS 15.8.7 and iOS 16.7.15 and iPadOS 16.7.15 to patch WebKit and kernel flaws on older iPhones and iPads that the company says were associated with the Coruna exploit. The updates were published on March 11 and apply fixes that Apple had previously shipped in newer iOS releases to devices that cannot move to the latest operating system versions.

According to Apple’s security notes for iOS 15.8.7 and iPadOS 15.8.7, the update fixes three vulnerabilities on older devices: CVE-2023-41974, a kernel use-after-free issue that could allow an app to execute arbitrary code with kernel privileges; CVE-2024-23222, a WebKit type confusion issue that could allow arbitrary code execution through malicious web content; and CVE-2023-43010, a WebKit memory corruption flaw tied to maliciously crafted web content.

The same Apple document says the fixes are available for iPhone 6s, iPhone 7, the first-generation iPhone SE, iPad Air 2, iPad mini 4, and iPod touch 7. Apple said the kernel fix associated with the Coruna exploit was originally shipped in iOS 17 on September 18, 2023, while the WebKit fixes were previously shipped in iOS 16.6 on July 24, 2023, iOS 17.2 on December 11, 2023, and iOS 17.3 on January 22, 2024.

“This update brings that fix to devices that cannot update to the latest iOS version.” — Apple security notes for iOS 15.8.7 and iPadOS 15.8.7

Apple’s separate security note for iOS 16.7.15 and iPadOS 16.7.15 addresses CVE-2023-43010 on iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and the first-generation iPad Pro 12.9-inch. Apple says the flaw could allow memory corruption when processing malicious web content and notes that the fix tied to the Coruna exploit had already been shipped in iOS 17.2 on December 11, 2023.

Apple backported Coruna-linked fixes to older hardware

Apple’s security releases page shows both older-device updates were issued on March 11, 2026, alongside newer platform releases. Apple did not name an actor in the advisories, but explicitly linked the addressed issues to the Coruna exploit, which had previously been documented as a WebKit and kernel exploitation chain used in targeted attacks.

The older-device fixes extend Apple’s recent pattern of shipping supplementary protections to hardware that no longer receives the newest iOS branch, a patching approach that overlaps with Cyberwarzone’s earlier coverage of Apple’s iOS CVE-2025-43300 zero-click patch analysis and its reporting on actively exploited software flaws added to CISA’s Known Exploited Vulnerabilities catalog.

The Apple advisories credit Félix Poulin-Bélanger for reporting CVE-2023-41974, while Apple credits itself for CVE-2023-43000 and CVE-2023-43010. The company did not publish additional indicators of compromise or operational details about the attacks in the security notes.

About the Author

Peter Chofield Avatar

Peter Chofield

Passionate about cybersecurity, Peter dedicates his days to reading, analyzing, and writing about the trends shaping the online world.