Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
Quick Insights
The Bottom Line
Federal agencies ordered to patch critical iOS vulnerabilities exploited by three distinct threat groups over 10 months.
How This Affects You
Users on iOS 13-17.2.1 face exploitation risk unless patched. Lockdown mode and private browsing provide protection.
AI Summary
The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited across a 10-month span by three distinct hacking groups using Coruna, an advanced exploit kit containing 23 separate iOS exploits, according to a Google report published Thursday. The vulnerabilities, which had been previously patched by Apple, still pose significant risk to older iOS versions (13 through 17.2.1) when exploited through Coruna's sophisticated code, which includes a novel JavaScript framework with advanced obfuscation techniques and pointer authentication code bypasses. The three campaigns involved a surveillance vendor customer in February 2025, a suspected Russian espionage group targeting Ukrainian users in July 2025, and a financially motivated Chinese threat actor in December 2025. CISA added the three vulnerabilities to its known exploited vulnerabilities catalog on Friday, mandating federal agency patching and recommending all organizations do the same. The exploits are ineffective against Apple's Lockdown mode or private browsing mode.
What's Being Done
CISA added the three critical iOS vulnerabilities to its known exploited vulnerabilities catalog, mandating that federal agencies patch them and recommending that all organizations do the same.


