Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage
Technical Analysis
Summary
Coruna has been linked to an updated exploit lineage from Operation Triangulation, showing that a long-running iPhone attack framework continues to evolve and can still threaten modern Apple hardware. The kit now targets A17 and M3 chips and supports iOS up to 17.2, expanding the exposed device set. It contains five iOS exploit chains across 23 vulnerabilities, including CVE-2023-32434 and CVE-2023-38606. The analysis matters because it maps the attack flow, version gating, and payload-loading stages that defenders can use to understand exposure.
Related Happenings
iOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/Service
First: 12.05.2026 08:18
Last: 12.05.2026 08:18
Sources 1
About this happening:
Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
Google GTIG analysis of adversary AI use for exploit development and attack orchestration
Technical Analysis
First: 11.05.2026 16:00
Last: 11.05.2026 16:00
Sources 1
About this happening:
**Google Threat Intelligence Group** published findings showing **adversaries using AI** for **exploit development** and **attack orchestration**, signaling that model-assisted tr...
MiningDropper (BeatBanker) modular Android payload framework with encrypted staging
Technical Analysis
First: 24.04.2026 14:48
Last: 24.04.2026 14:48
Sources 1
About this happening:
**MiningDropper (BeatBanker)** now stands out as a **layered modular Android malware framework** that can reuse one delivery chain across **hundreds of samples**, making **static...
Google integrates Rust DNS parser into Pixel modem firmware
Security Tool/Service
First: 14.04.2026 13:21
Last: 14.04.2026 13:21
Sources 1
About this happening:
Google is **integrating a Rust-based DNS parser** into **Pixel modem firmware**, reducing memory-safety risk in a **remote cellular attack surface**. The change matters because th...
Apple iOS 18.7.7 security update expansion for DarkSword
Security Patch Release
First: 02.04.2026 00:50
Last: 02.04.2026 00:50
Sources 1
About this happening:
Apple expanded **iOS 18.7.7** availability to more older **iPhones and iPads** on **April 1, 2026**, letting devices that stay on **iOS 18** receive protections against the **acti...
Timeline
- 26.03.2026 15:10 2 articles · 2mo ago
Kaspersky links Coruna to updated Operation Triangulation framework
Technical Analysis Update
Kaspersky identifies Coruna as a maintained successor to the Operation Triangulation iPhone exploit framework, linking CVE-2023-32434 and CVE-2023-38606 to an updated kernel exploit and describing a Safari-based chain that fingerprints the device, selects RCE and PAC exploits, retrieves encrypted metadata, and loads additional components to deploy a spyware implant on Apple hardware up to iOS 17.2.
- Coruna iOS exploit framework linked to Triangulation attacks — www.bleepingcomputer.com — 26.03.2026 15:10