WebKit memory-corruption flaw actively exploited (CVE-2023-43010)
Vulnerability
Summary
Older iPhone and iPad devices received the CVE-2023-43010 fix, extending protection against a WebKit memory-corruption flaw used in the Coruna exploit kit. The bug could be triggered by maliciously crafted web content, creating risk for browser-driven code execution on affected systems. The backport covers iOS 15.8.7, iPadOS 15.8.7, iOS 16.7.15, and iPadOS 16.7.15 for devices that cannot move to newer releases. Apple said the issue had already been fixed in iOS 17.2 on December 11th, 2023.
Cases
Related Happenings
iOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/Service
First: 12.05.2026 08:18
Last: 12.05.2026 08:18
Sources 1
About this happening:
Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage
Technical Analysis
First: 26.03.2026 15:10
Last: 26.03.2026 15:10
Sources 1
About this happening:
**Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...
CISA KEV remediation order for five exploited Apple, Craft CMS, and Laravel Livewire flaws
Advisory/Mitigation
First: 21.03.2026 10:25
Last: 21.03.2026 10:25
Sources 1
About this happening:
**CISA** added **five exploited flaws** affecting **Apple**, **Craft CMS**, and **Laravel Livewire** to the **KEV catalog**, creating an urgent remediation requirement for federal...
Apple iOS outdated-device exploit-kit mitigation advisory
Advisory/Mitigation
First: 20.03.2026 07:16
Last: 20.03.2026 07:16
Sources 1
About this happening:
**Apple** is sending **Lock Screen notifications** to **outdated iPhones and iPads** after detecting **active web-based attacks**, urging users to install updates. The latest noti...
DarkSword iPhone exploit chain exploitation wave
Exploitation Wave
First: 18.03.2026 23:15
Last: 18.03.2026 23:15
Sources 1
About this happening:
**DarkSword** is an **active iPhone exploitation wave** targeting **iOS 18.4 through iOS 18.7**, with **Apple** expanding **iOS 18.7.7** and **iPadOS 18.7.7** to more older device...
Latest development: 02.04.2026 16:30
Apple broadened availability of iOS 18.7.7 and iPadOS 18.7.7 on April 1 to more devices still running iOS 18, including iPhone XR through iPhone 16 models, iPhone SE (2nd and 3rd generation), and multiple iPad models, so they can receive security patches against DarkSword web-based watering hole attacks that can deploy malware after a user visits a compromised website. Apple also began sending lock screen notifications to users running older software, urging installation of the latest security updates.
Timeline
12.03.2026 11:58 · 1 article
Apple ships the initial CVE-2023-43010 fix in iOS 17.2
Mitigation Patch Update
Apple shipped the first fix for CVE-2023-43010 in iOS 17.2, iPadOS 17.2, macOS Sonoma 14.2, and Safari 17.2 by improving WebKit handling for maliciously crafted web content that could cause memory corruption.
Sources:
- Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit — thehackernews.com — 12.03.2026 11:58
12.03.2026 11:58 · 1 article
Apple backports the CVE-2023-43010 fix to legacy iPhone and iPad releases
Mitigation Patch Update
Apple backported the CVE-2023-43010 WebKit remediation to iOS 15.8.7, iPadOS 15.8.7, iOS 16.7.15, and iPadOS 16.7.15 so older iPhone and iPad models could receive protection after Coruna exploit-kit use was identified.
Sources:
- Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit — thehackernews.com — 12.03.2026 11:58
12.03.2026 11:58 · 1 article
Google details Coruna exploit kit scope
Campaign Scope Update
Google said Coruna features 23 exploits across five chains designed to target iPhone models running iOS versions between 13.0 and 17.2.1, adding new scope detail to the WebKit-linked exploit kit associated with CVE-2023-43010.
Sources:
- Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit — thehackernews.com — 12.03.2026 11:58