APPLE has patched flaws used by the Coruna exploit kit in older iOS versions, according to Google, addressing vulnerabilities that could be triggered by malicious web content and exploited to gain kernel privileges. The fixes cover iOS 16.7.15 and iPadOS 16.7.15 for devices including the iPhone 8, 8 Plus, X, and several iPad models, as well as iOS 15.8.7 and iPadOS 15.8.7 for older devices such as iPhone XS/XS Max/XR and certain iPad generations.
The Coruna kit relies on WebKit vulnerabilities CVE-2023-43000 and CVE-2024-23222, with kernel escalation via CVE-2023-41974, and was first seen in targeted attacks before spreading to a wider set of sites. Apple’s security content notes that patches for this exploit were already shipped in earlier updates for newer iOS versions (iOS 16.6 through 17.2 in 2023–2024).
The Coruna campaign has included watering-hole activity targeting Ukrainian users by a suspected Russian espionage group and broader use on fake Chinese financial sites.