Find notable cyber news and cases, enriched with sources, timelines, and signals.

Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage

Technical Analysis
First reported
Last updated
Happening score
H score 33
1 unique sources, 1 articles

Summary

Hide ▲

Coruna has been linked to an updated exploit lineage from Operation Triangulation, showing that a long-running iPhone attack framework continues to evolve and can still threaten modern Apple hardware. The kit now targets A17 and M3 chips and supports iOS up to 17.2, expanding the exposed device set. It contains five iOS exploit chains across 23 vulnerabilities, including CVE-2023-32434 and CVE-2023-38606. The analysis matters because it maps the attack flow, version gating, and payload-loading stages that defenders can use to understand exposure.

Related Happenings

Apple iOS, macOS, and Safari security updates (multiple vulnerabilities)

Security Patch Release
H score33 First: 30.06.2026 10:15 Last: 30.06.2026 10:15 Sources 1

About this happening: **Apple** released security updates for **iOS**, **macOS**, and **Safari** that fix **over three dozen flaws**, including **four WebKit vulnerabilities**. The update bundle covers...

Apple A12/A13 SecureROM USB DMA underflow with public usbliter8 exploit security flaw

Vulnerability
H score0 First: 19.06.2026 21:37 Last: 19.06.2026 21:37 Sources 1

About this happening: A public **usbliter8** exploit now reaches **arbitrary code execution** in Apple's **SecureROM**, exposing an **unpatchable USB DMA underflow flaw** across **A12, A13, S4, and S5*...

Beats Studio Buds Bluetooth BR/EDR missing-authentication security flaw (multiple vulnerabilities)

Vulnerability
H score24 First: 18.06.2026 15:23 Last: 18.06.2026 15:23 Sources 1

About this happening: **Beats Studio Buds** are affected by **CVE-2025-20701**, a **missing-authentication** flaw in **Airoha system-on-a-chip (SoCs)** and the **Bluetooth BR/EDR radio** that can let a...

Apple security patch release for CVE-2025-20701

Security Patch Release
H score29 First: 18.06.2026 15:23 Last: 18.06.2026 15:23 Sources 1

About this happening: Apple released **Beats Firmware Update 1B211** for **Beats Studio Buds** to fix **CVE-2025-20701**, closing a Bluetooth flaw that could let nearby attackers spy on conversations....

Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair

Security Tool/Service
H score10 First: 09.06.2026 00:03 Last: 09.06.2026 00:03 Sources 1

About this happening: **Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...

Timeline

  1. 26.03.2026 15:10 2 articles · 3mo ago

    Kaspersky links Coruna to updated Operation Triangulation framework

    Technical Analysis Update

    Kaspersky identifies Coruna as a maintained successor to the Operation Triangulation iPhone exploit framework, linking CVE-2023-32434 and CVE-2023-38606 to an updated kernel exploit and describing a Safari-based chain that fingerprints the device, selects RCE and PAC exploits, retrieves encrypted metadata, and loads additional components to deploy a spyware implant on Apple hardware up to iOS 17.2.

    Show sources