Apple is urging iPhone users running outdated versions of iOS to immediately update their devices to protect against a new wave of web-based cyberattacks powered by exploit kits such as Coruna and DarkSword. The advisory highlights growing concerns around mobile cybersecurity, as attackers increasingly target unpatched devices to steal sensitive user data.
These exploit kits operate by delivering malicious web content through compromised websites or deceptive links. Once a user interacts with such content on an outdated iOS device, it can trigger a chain of vulnerabilities that allows threat actors to gain unauthorized access to personal data, including credentials, messages, and other sensitive information.
Apple emphasized that users on the latest iOS versions are not affected by these attacks. Security patches addressing the exploited vulnerabilities have already been deployed across supported versions, including iOS 15 through iOS 26. The company noted that keeping software updated remains the most effective defense against evolving cyber threats.
For users unable to upgrade to the latest iOS version, Apple has outlined specific recommendations. Devices that cannot support newer operating systems should update to iOS 15.8.7 or iOS 16.7.15 to receive critical security fixes. Users running older versions such as iOS 13 or iOS 14 are advised to upgrade to iOS 15, which includes enhanced protections along with an upcoming critical security update.
In cases where updating is not immediately possible, Apple recommends enabling Lockdown Mode, a security feature designed to reduce the attack surface by limiting exposure to potentially malicious web content and other threat vectors. This added layer of protection is particularly relevant for users who may be at higher risk of targeted attacks.
The advisory follows recent cybersecurity reports revealing that previously sophisticated iOS exploits – once primarily used in targeted, state-sponsored spyware campaigns – are now being deployed at scale by a broader range of threat actors. These attacks are often executed through “watering hole” techniques, where legitimate websites are compromised to infect unsuspecting visitors.
Security researchers have noted that the increasing availability of such exploit kits lowers the barrier for cybercriminals, enabling even less advanced actors to carry out high-impact attacks. This shift signals a new phase in mobile cybersecurity, where large-scale exploitation of smartphone vulnerabilities is becoming more common.
Experts warn that the simplicity and adaptability of these tools make them highly dangerous, as they can be quickly modified and redeployed across different regions and targets. As a result, unpatched devices remain highly vulnerable in an increasingly hostile threat landscape.
Apple reiterated that maintaining updated software is essential for device security and confirmed that devices running the latest updates are protected against these known threats. As cyberattacks continue to evolve, proactive updates and security awareness remain critical for safeguarding user data and preventing large-scale mobile compromises.
Recommended Cyber News :
- Lookout Uncovers DarkSword iOS Exploit Chain, Exposing a New Era of Mobile Threats
- Appdome Launches DefenseOS for Mobile App Security
- Netcraft Launches AI Tool to Stop Cyberattacks Early
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
