Apple Patches Older iPhones Against ‘Coruna’ Hacks Used in Espionage and Crypto Theft

Apple has released security updates for older-generation iPhones and iPads addressing vulnerabilities used in targeted cyberattacks.

Key takeaways:

• iOS 15.8.7 and iOS 16.7.15 to fix vulnerabilities linked to the Coruna exploit kit, specifically for devices that can’t upgrade to the latest iOS versions.

• Coruna was observed in espionage campaigns and crypto-themed financial scams.

• Devices such as iPhone 6s, iPhone 7, iPhone SE (1st gen), iPhone 8/X, and several older iPads are impacted.

• Vulnerabilities like those exploited in Coruna attacks have historically been used to deploy spyware against activists, journalists, dissidents, and high-profile individuals.

• The release follows last month’s iOS 26.3 patch addressing another exploited zero-day vulnerability.

Overview of Coruna

Earlier this month, Google sounded the alarm about an exploit kit dubbed “Coruna” targeting Apple gear running iOS versions 13 through 17.

Coruna was first encountered in targeted operations by a customer of a commercial surveillance vendor, according to the Google Threat Intelligence Group.

It was later used in watering hole attacks by a suspected Russian espionage group (UNC6353).

Eventually, it appeared in broad-scale campaigns tied to financially motivated actors (UNC6691, e.g., fake finance/crypto sites).

This progression suggests a market for “second-hand” zero-day exploits shared or sold between sophisticated groups.

“How this proliferation occurred is unclear, but it suggests an active market for ‘second hand’ zero-day exploits,” Google researchers said. “Beyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities.”

While most iPhones and iPads in circulation run newer, more secure versions of the software, people still using older-generation models are vulnerable to attack.

Apple issues official patches for vulnerable devices

In light of Google’s findings, Apple this week rolled out iOS 15.8.7 and iOS 16.7.15, warning that they carry fixes “associated with the Coruna exploit” and bring fixes “to devices that cannot update to the latest iOS version.”

iOS 15.8.7 and iPadOS 15.8.7 deliver those fixes for iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation).

iOS 16.7.15 and iPadOS 16.7.15 address the issue on iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.

If you use any of the devices, make these updates a priority!

Take ‘exploitable’ security issues seriously!

As we note whenever we report on Apple security updates, issues like CVE-2026-20700 have historically been exploited to deploy spyware on the devices of activists, dissidents, political rivals, human rights advocates, investigative journalists and high-profile figures in general. Big-Tech players have been fighting the spyware threat for years.

Even if you’re not a high-risk person, it’s a good idea to stay up to date with the latest security patches – you never know when you trip a wire and become a target.

For peace of mind, run an independent security solution on all your personal devices. On Apple devices, keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might target you.

This is the second important security release from Apple this year. Last month, the Cupertino tech titan rolled out iOS 26.3 addressing a zero-day vulnerability said to be exploited by hackers in targeted attacks.

You may also want to read:

iOS 26.3 Fixes an Important Security Flaw Exploited in Targeted Hacker Attacks. Update Now!

Safer Messaging for Kids: How to Set Up a Parent-Managed WhatsApp Account for Your Child

Why Don’t You Use a Mobile Security App? We Ask Netizens