Find notable cyber news and cases, enriched with sources, timelines, and signals.

WebKit memory-corruption flaw actively exploited (CVE-2023-43010)

Vulnerability
First reported
Last updated
Happening score
H score 7
1 unique sources, 1 articles

Summary

Hide ▲

Older iPhone and iPad devices received the CVE-2023-43010 fix, extending protection against a WebKit memory-corruption flaw used in the Coruna exploit kit. The bug could be triggered by maliciously crafted web content, creating risk for browser-driven code execution on affected systems. The backport covers iOS 15.8.7, iPadOS 15.8.7, iOS 16.7.15, and iPadOS 16.7.15 for devices that cannot move to newer releases. Apple said the issue had already been fixed in iOS 17.2 on December 11th, 2023.

Cases

Related Happenings

Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair

Security Tool/Service
H score10 First: 09.06.2026 00:03 Last: 09.06.2026 00:03 Sources 1

About this happening: **Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...

Bright Data iOS SDK teardown reveals unauthenticated scraping relay and VPN bypass

Technical Analysis
H score45 First: 06.06.2026 11:29 Last: 06.06.2026 11:29 Sources 1

About this happening: Researchers **reverse-engineered Bright Data's iOS SDK** and found it can turn consumer devices into **exit nodes** for web-scraping traffic. The teardown showed the job channel h...

IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android

Security Tool/Service
H score11 First: 12.05.2026 08:18 Last: 12.05.2026 08:18 Sources 1

About this happening: Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...

Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage

Technical Analysis
H score33 First: 26.03.2026 15:10 Last: 26.03.2026 15:10 Sources 1

About this happening: **Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...

CISA KEV remediation order for five exploited Apple, Craft CMS, and Laravel Livewire flaws

Advisory/Mitigation
H score52 First: 21.03.2026 10:25 Last: 21.03.2026 10:25 Sources 1

About this happening: **CISA** added **five exploited flaws** affecting **Apple**, **Craft CMS**, and **Laravel Livewire** to the **KEV catalog**, creating an urgent remediation requirement for federal...

Timeline

  1. 12.03.2026 11:58 1 articles · 3mo ago

    Apple backports the CVE-2023-43010 fix to legacy iPhone and iPad releases

    Mitigation Patch Update

    Apple backported the CVE-2023-43010 WebKit remediation to iOS 15.8.7, iPadOS 15.8.7, iOS 16.7.15, and iPadOS 16.7.15 so older iPhone and iPad models could receive protection after Coruna exploit-kit use was identified.

    Show sources