Apple has released backported security updates for older iPhones and iPads to patch vulnerabilities exploited by the Coruna exploit kit in cyberespionage and crypto-theft campaigns. The fixes address kernel and WebKit issues across multiple CVEs and follow CISA actions that added some Coruna-targeted flaws to its Known Exploited Vulnerabilities list. #Coruna #UNC6691
Keypoints
- Apple backported security patches to older iPhones and iPads to fix vulnerabilities exploited by the Coruna exploit kit.
- The updates address kernel and WebKit flaws including CVE-2023-41974, CVE-2023-43000, CVE-2023-43010, and CVE-2024-23222.
- Affected devices include models running iOS/iPadOS 15.8.7 and 16.7.15 such as iPhone 6s through iPhone X and several older iPad models.
- Google GTIG linked Coruna to multiple threat actors since February 2025, including suspected state-backed UNC6353 and financially motivated UNC6691.
- CISA added some Coruna-targeted flaws to its Known Exploited Vulnerabilities catalog and ordered federal agencies to patch affected devices per BOD 22-01.