Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
The Hacker News • • technology
Key Points:
- Apple is sending Lock Screen notifications to iPhones and iPads running outdated iOS and iPadOS versions, warning users of web-based attacks and urging them to install critical updates.
- The alerts follow the discovery of new exploit kits, Coruna and DarkSword, which target a range of iOS versions and have been used by multiple threat actors to deliver malicious payloads via compromised websites.
- Kaspersky reports that Coruna is an advanced evolution of the Operation Triangulation framework, a sophisticated zero-click iMessage exploit campaign first identified in June 2023.
- The availability of these exploit kits raises concerns about democratizing access to powerful cyberattacks previously reserved for nation-states, potentially increasing the attack surface for iPhones and iPads.
- Users unable to update their devices are advised to enable Lockdown Mode, which Apple states has so far prevented successful mercenary spyware attacks on enabled devices.
