Coruna iOS Exploit Kit Highlights the Need for Multi-Layer Mobile Defense

The report summarizes Coruna, a high‑sophistication iOS exploit kit comprising five full exploit chains and 23 vulnerabilities (affecting iOS 13–17.2.1) that has been used in targeted surveillance, Ukrainian watering‑hole attacks, and financially motivated campaigns; it outlines the multi‑stage attack flow (malicious web delivery → WebKit/browser exploitation → privilege escalation → spyware installation), highlights telemetry indicators (repeated WebKit and messaging app crashes, outdated OS versions), and advocates a layered, on‑device detection strategy — noting Zimperium’s ability to block many exploit domains and surface forensic signals to reduce impact.