THE weekly recap flags a flurry of activity, led by a Qualcomm flaw that has been exploited in the wild: CVE-2026-21385, a high‑severity buffer over-read in the Graphics component with a CVSS of 7.8, with Google noting indications of limited, targeted exploitation. Another standout is Coruna, the iOS exploit kit that uses 23 exploits across five chains to target iPhone models from iOS 13 to 17.2.1.
The report also highlights AirSnitch, a new attack that challenges Wi‑Fi client isolation and could enable man‑in‑the-middle capabilities even where isolation protections exist, as described by researchers. In parallel, the Pakistan‑aligned threat actor Transparent Tribe is deploying AI‑assisted vibe‑coded malware against Indian entities, using niche languages to evade detection.
The round‑up also touches on a broader landscape of threats, including a few high‑profile cases and evolving attack techniques, underscoring the ongoing need for patching and proactive defence. According to Google, the exploitation of CVE-2026-21385 remains a warning sign for Android‑critical components as the threat landscape continues to shift.