Security researchers have raised concerns over a new wave of cyber threats targeting users of Apple devices following the leak of advanced hacking tools known as Coruna and DarkSword.
The toolkits contain exploits capable of breaching iPhones and iPads to access sensitive data, including messages, browsing history, location data, and cryptocurrency information.
According to researchers, Coruna can target devices running iOS 13 through iOS 17.2.1, while DarkSword is capable of exploiting newer versions, including iOS 18.4 and 18.7.
The threat has intensified after portions of DarkSword were leaked on the code-sharing platform GitHub, making the tools more accessible to cybercriminals.
Experts warn that the attacks can be carried out through compromised websites, allowing hackers to infiltrate devices when users visit infected pages. Once exploited, attackers can gain near-complete control of the device and extract private data.
Investigations suggest that parts of the Coruna toolkit were originally developed by a unit within U.S. defence contractor L3Harris before being circulated among various actors, including state-linked groups and cybercriminal networks.
Researchers say the spread of such tools highlights ongoing risks associated with the proliferation of cyber weapons, drawing comparisons to the 2017 WannaCry ransomware attack, which was linked to leaked government-developed exploits.
Apple has advised users to update their devices to the latest software versions, noting that recent updates provide protection against the identified vulnerabilities. Security experts also recommend enabling Lockdown Mode for users at higher risk of targeted attacks.
Despite these safeguards, analysts estimate that a significant number of devices worldwide remain vulnerable due to outdated software.
