Apple has released an urgent security advisory, cautioning users who are still operating older versions of iOS to immediately update their devices. The warning highlights active cyberattacks carried out using advanced exploit kits such as Coruna and DarkSword, which are targeting outdated iPhones through malicious web content.
These exploit kits are designed to take advantage of unpatched vulnerabilities in older iOS versions. Once a user interacts with a harmful link or visits a compromised website, the attack chain is triggered, potentially allowing attackers to access and steal sensitive data from the device.
Apple explained that users running outdated software are at significant risk. Even a single click on a malicious webpage could expose personal information stored on the iPhone.
Security Updates Already Available
Apple confirmed that it has thoroughly analyzed these threats and responded by releasing security patches across supported operating system versions. Devices running the latest software versions, including iOS 15 through iOS 26, are already protected against the vulnerabilities exploited by these kits.
Users who are unable to upgrade to the newest iOS versions are strongly advised to install the latest available updates for their devices. These include:
- Updating to iOS 15.8.7 or iPadOS 15.8.7
- Updating to iOS 16.7.15 or iPadOS 16.7.15
- Upgrading to iOS 15 for devices still on iOS 13 or iOS 14
Apple also mentioned that an additional critical security update is expected to be released soon, providing further protection for older devices.
Lockdown Mode Recommended for High-Risk Users
For users who cannot update their devices, Apple recommends enabling Lockdown Mode, a security feature designed to minimize exposure to cyber threats. This mode restricts certain functionalities, reducing the chances of exploitation through malicious web content and targeted attacks.
According to Apple, keeping software updated remains the most effective way to maintain device security. Devices that have already been updated are not affected by the reported attacks.
Rise of Large-Scale Mobile Exploitation
This warning follows recent findings about two major iOS vulnerabilities that have been actively exploited by multiple threat actors. These attacks are often delivered through watering hole techniques, where legitimate websites are compromised to infect visitors.
Security firm iVerify noted that such exploits, once limited to highly targeted espionage campaigns, are now being used on a much broader scale. This shift indicates that advanced mobile attack tools are becoming more accessible to less sophisticated cybercriminals.
Experts warn that the ease of deploying these exploit kits and their rapid adoption across different regions signals a growing cybersecurity concern. Tools previously associated with nation-state operations are now being repurposed for widespread attacks.
Found this article interesting? Follow us on X (Twitter) , Facebook, Blue sky and LinkedIn to read more exclusive content we post.
