Find notable cyber news and cases, enriched with sources, timelines, and signals.

Operation Triangulation updated iPhone espionage campaign

Campaign
First reported
Last updated
Happening score
H score 41
1 unique sources, 1 articles

Summary

Hide ▲

The Operation Triangulation espionage lineage has resurfaced through Coruna, extending zero-click iPhone targeting to newer A17 and M3 devices and iOS 17.2. The kit includes five full iOS exploit chains and uses 23 vulnerabilities, including CVE-2023-32434 and CVE-2023-38606. The original operation began in 2019 and was uncovered in June 2023 after silent infection of iPhones via iMessage. The same framework has since been reused in cryptocurrency theft campaigns, widening the risk beyond espionage.

Related Happenings

Apple iOS, macOS, and Safari security updates (multiple vulnerabilities)

Security Patch Release
H score33 First: 30.06.2026 10:15 Last: 30.06.2026 10:15 Sources 1

About this happening: **Apple** released security updates for **iOS**, **macOS**, and **Safari** that fix **over three dozen flaws**, including **four WebKit vulnerabilities**. The update bundle covers...

Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair

Security Tool/Service
H score10 First: 09.06.2026 00:03 Last: 09.06.2026 00:03 Sources 1

About this happening: **Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...

IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android

Security Tool/Service
H score11 First: 12.05.2026 08:18 Last: 12.05.2026 08:18 Sources 1

About this happening: Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...

MiningDropper (BeatBanker) modular Android payload framework with encrypted staging

Technical Analysis
H score22 First: 24.04.2026 14:48 Last: 24.04.2026 14:48 Sources 1

About this happening: **MiningDropper (BeatBanker)** now stands out as a **layered modular Android malware framework** that can reuse one delivery chain across **hundreds of samples**, making **static...

Apple out-of-band iOS/iPadOS security updates (CVE-2026-28950)

Security Patch Release
H score28 First: 22.04.2026 23:58 Last: 22.04.2026 23:58 Sources 1

About this happening: **Apple** released **out-of-band security updates** for **iPhone and iPad** on **April 22, 2026** to fix **CVE-2026-28950**. The patch addresses a **Notification Services** flaw t...

Latest development: 23.04.2026 11:50

Apple issued **iOS 26.4.2**, **iPadOS 26.4.2**, **iOS 18.7.8**, and **iPadOS 18.7.8** on **2026-04-23** to close **CVE-2026-28950**, which could preserve deleted-message notifications on affected devices.

Timeline

  1. 26.03.2026 15:10 2 articles · 3mo ago

    Coruna analysis links the exploit kit to Operation Triangulation

    Technical Analysis Update

    Kaspersky links Coruna to the Operation Triangulation iPhone espionage framework, describing it as a continuously maintained successor that uses five full iOS exploit chains across 23 vulnerabilities, including CVE-2023-32434 and CVE-2023-38606, and noting expanded targeting for Apple's A17 and M3 chips, iOS up to 17.2, and financially motivated fake-exchange cryptocurrency theft campaigns.

    Show sources