{"id":219585,"date":"2026-03-03T17:42:00","date_gmt":"2026-03-03T22:42:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack\/"},"modified":"2026-03-03T19:05:18","modified_gmt":"2026-03-04T00:05:18","slug":"possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack\/","title":{"rendered":"Possible U.S.-developed exploits linked to first known \u2018mass\u2019 iOS attack"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/\">Possible U.S.-developed exploits linked to first known \u2018mass\u2019 iOS attack<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/\">https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-03 17:42:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>An exploit kit that may have originated from a leaked U.S. government framework is behind what researchers are calling the first mass-scale attack on iOS, the operating system for Apple\u2019s iPhones.<\/p>\n<p>Traces of the exploits, found in the work of Chinese cybercriminals, also have been spotted in Russian attacks on Ukraine and used by a customer of a spyware vendor.<\/p>\n<p>Those conclusions come from two pieces of research that Google Threat Intelligence Group and iVerify released separately Tuesday. Rocky Cole, co-founder of iVerify, said it represented a potential \u201cEternalBlue moment,\u201d with echoes of that exploit software escaping the National Security Agency to fuel the global WannaCry ransomware and NotPetya attacks in 2017.<\/p>\n<p>Google said that the so-called Coruna exploit kit that\u2019s the subject of Tuesday\u2019s research \u201cprovides another example of how sophisticated capabilities proliferate,\u201d as it wrote in a blog post about the zero-day \u2014 or previously undisclosed and unpatched \u2014 exploits.<\/p>\n<p>\u201cHow this proliferation occurred is unclear, but suggests an active market for \u2018second hand\u2019 zero-day exploits,\u201d Google wrote. \u201cBeyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities.\u201d<\/p>\n<p>Said iVerify: \u201cWhile iVerify has some evidence that this tool is a leaked U.S. government framework, that shouldn\u2019t overshadow the knowledge that these tools will find their way into the wild and will be used unscrupulously by bad actors.\u201d<\/p>\n<p>Just last week, a U.S. court sentenced a former L3 Harris executive to prison for selling zero-day exploits to a Russian broker.<\/p>\n<p>Both Google and iVerify connected the exploit kit to Operation Triangulation, which Russian cybersecurity firm Kaspersky said in 2023 had targeted the company and the Russian government attributed to the U.S. government. The NSA declined to comment on that&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Possible U.S.-developed exploits linked to first known \u2018mass\u2019 iOS attack https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/ Publish Date: 2026-03-03 17:42:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":219586,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2026\/03\/GettyImages-2263060747.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31],"class_list":["post-219585","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219585"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=219585"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219585\/revisions"}],"predecessor-version":[{"id":219587,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/219585\/revisions\/219587"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/219586"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=219585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=219585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=219585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}