{"id":4954,"date":"2026-03-14T22:02:32","date_gmt":"2026-03-14T22:02:32","guid":{"rendered":"https:\/\/conservative-politics.com\/index.php\/2026\/03\/14\/new-hack-poses-biggest-iphone-threat-in-19-years-what-you-can-do\/"},"modified":"2026-03-14T22:02:32","modified_gmt":"2026-03-14T22:02:32","slug":"new-hack-poses-biggest-iphone-threat-in-19-years-what-you-can-do","status":"publish","type":"post","link":"https:\/\/conservative-politics.com\/index.php\/2026\/03\/14\/new-hack-poses-biggest-iphone-threat-in-19-years-what-you-can-do\/","title":{"rendered":"New hack poses biggest iPhone threat in 19 years: What you can do"},"content":{"rendered":"
\n

Apple has had a hard time lately with critical exploits plaguing iPhones all around the world. In mid-February, Google\u2019s Threat Analysis Group discovered a critical zero-day vulnerability in Apple\u2019s iOS software<\/u><\/a> that gave hackers full control of a \u201csmall subset\u201d of targeted iPhones. This month, reports revealed that an entire exploit tool kit has been successfully used by hackers in Russia and China. The worst part is that mounting evidence suggests the kit came from the United States, possibly even from our very own government.<\/p>\n

Chock-full of vulnerabilities<\/h2>\n

According to Google\u2019s full report<\/u><\/a>, the exploit tool kit \u2014 dubbed Coruna \u2014 consists of five exploit chains and 23 exploits in total, all targeted at iPhones running iOS 13 to iOS 17.2.1. Mobile security experts at iVerify corroborated the report, claiming that 42,000 iPhones were affected<\/u><\/a>.<\/p>\n

Are there more zero-day vulnerabilities in iOS that we don\u2019t know about? Almost certainly yes.<\/p>\n

An exploit chain is the path a hacker can use to bypass a device\u2019s security controls via exploits to gain access. In other words, if your phone\u2019s software was a map, an exploit chain is the route a driver could take through different toll areas to reach the final destination. Even one exploit chain \u2014 or route \u2014 is enough to break into a device, but the fact that five<\/em><\/em> routes exist within Coruna makes it a sophisticated hacking resource unlike anything security researchers have seen on iOS.<\/p>\n

Google notes that Coruna has already been exploited by a \u201ccustomer of a surveillance company,\u201d as well as foreign nations, namely China and Russia. More alarming than that, however, \u201cmultiple threat actors\u201d have also gained access to exploit techniques that can be customized to leverage new and unknown vulnerabilities for future attacks.<\/p>\n

Image credit: Google<\/small><\/p>\n

Where did Coruna come from?<\/h2>\n

Now that Coruna is out in the open, it only makes sense to wonder where it came from. Its sophisticated nature makes it highly unlikely that an independent hacker threw it together. Instead, several pieces of evidence point toward government intervention.<\/p>\n

For starters, the tool kit\u2019s source materials are all written in native English, suggesting English origins. Second, two of the exploits in the chain are linked directly to Operation Triangulation<\/u><\/a>, a hardware vulnerability discovered in Apple\u2019s first-party processing chips by Russian cybersecurity company Kaspersky. Russian government officials blamed the NSA for this exploit back in 2023, but the U.S. government denied any connection. <\/p>\n

Third, iVerify\u2019s co-founder and COO, Rocky Cole, reportedly called Coruna\u2019s code \u201csuperb,\u201d going on to state, \u201cIt was elegantly written. It\u2019s fluid and holds together very well. There were comments in the code that, as someone who\u2019s been around the U.S. defense industrial base for years, really are reminiscent of the sort of insider jokes and insider remarks that you might see from a U.S. based coder. Certainly they were native English language speakers.\u201d<\/p>\n

For what it\u2019s worth, Kaspersky recently denied that Coruna is linked to the NSA<\/u><\/a>, despite the evidence outlined above. Regardless of the tool kit\u2019s origin, researchers are unsure how it made it into the hands of foreign entities.<\/p>\n

RELATED: Apple issues a critical software update for iPhone. Install it now!<\/a><\/strong><\/p>\n

\" Photo by Matt Cardy\/Getty Images<\/small><\/p>\n

Bigger signs of Apple\u2019s compromised security<\/h2>\n

Apple\u2019s iOS mobile platform is notoriously hard for hackers to crack, thanks to its closed nature, often frustrating U.S. criminal investigation agencies<\/u><\/a> with its strong end-to-end encryption practices. The Coruna tool kit, however, changes everything. It\u2019s the biggest collection of exploits to hit iOS since its inception in 2007. It\u2019s also part of a growing trend that undermines Apple\u2019s once-impenetrable software security and privacy protocols.<\/p>\n

Just last month, Apple released iOS 26.3<\/u><\/a> to patch a critical zero-day vulnerability dubbed CVE-2026-20700. Although this remains to be a major threat to iPhone users, this exploit is not<\/em><\/em> part of the Coruna tool kit. These are completely independent issues. Are there more zero-day vulnerabilities in iOS that we don\u2019t know about? Almost certainly yes.<\/p>\n

Tips to secure your device<\/h2>\n

That doesn\u2019t mean there\u2019s nothing you can do. As software vulnerabilities become more prevalent, the best way to keep your devices safe and secure is to make sure you always have the latest iOS updates downloaded and installed on your phone, tablet, and laptop.<\/p>\n

The exploits in the Coruna tool kit that plagued iOS 13 through 17.2.1, as well as CVE-2026-20700 for iOS 26, have all been patched. If you haven\u2019t updated your iPhone to the newest software, or if you\u2019re not sure which version you have, check for updates by opening the Settings app. Then go to General, Software Update, and make sure you\u2019re on one of these versions, depending on your phone\u2019s model:<\/p>\n