The History of iOS Exploits: Apple’s Flawed Security Paradigm

The report analyzes recent full-chain iOS exploits (Coruna, DarkSword), details the multi-stage WebKit-to-kernel exploitation and mitigation bypasses required for full device compromise, and criticizes Apple’s defensive paradigm—lack of an endpoint security framework and reliance on patching and user behavior. It highlights historical proliferation of commercial spyware (e.g., Pegasus), forensic detection limitations, and the risk that leaked exploit chains combined with advanced LLMs could commoditize iOS exploitation and enable mass attacks.