Coruna iOS Exploit: How to Detect and Prevent Infection

Coruna is a powerful iOS exploit kit (23 exploits across five attack chains) delivered via watering-hole webpages that can achieve remote code execution, privilege escalation, in-process implants, and data exfiltration from iPhones running iOS 13 through 17.2.1; Google and iVerify have publicly disclosed and tracked active use in the wild. The report outlines individual and enterprise mitigations—update to iOS 17.3+, avoid suspicious links, retire unsupported devices, deploy forensic/endpoint detection, enforce rapid patching, and review mobile security architecture—and notes likely nation-state origins later repurposed by criminals.