Tag: mobile-security

Apple Patches iOS 15.8.7 for Legacy iPhone 6S Against Coruna Exploit

Apple issued iOS 15.8.7 to patch the Coruna exploit affecting iPhone 6S devices from 2015. The update demonstrates Apple's commitment to maintaining security patches for legacy hardware still in use.

Mar 12, 2026Hacker News (filtered)

appleioslegacy-devices

🇺🇸Apple

criticalIndustry & Policy

Cyber Threat Landscape Shifts: AI-Powered Attacks, Critical Cisco Flaws, and Global Enforcement Wins

This week brought critical infrastructure vulnerabilities from Cisco, AI-powered nation-state malware campaigns, and successful law enforcement operations against cybercriminal infrastructure. The convergence of AI tooling in both offensive and defensive operations marks a significant shift in the threat landscape.

Mar 6, 2026Dark Reading, Infosecurity Magazine

threat-intelligencevulnerabilitiesai-security

highVulnerabilities & Exploits

State Actors Unleash New Malware Arsenal as Phishing-as-a-Service Operations Scale Globally

Iran-linked Dust Specter and Russian APT28 campaigns unveiled new malware families targeting government officials in Iraq and Ukraine respectively. Meanwhile, Tycoon2FA phishing-as-a-service operations reached over 500,000 organizations monthly before disruption by Microsoft and Europol.

Mar 5, 2026The Hacker News, Microsoft Security, SANS ISC, MSRC Security Updates

apt28malwarephishing-as-a-service

🇷🇺APT28

🇺🇸Google

highNation-State & APT

US Government iPhone Exploitation Toolkit 'Coruna' Allegedly Compromised by Foreign Adversaries

Security researchers have identified evidence suggesting that 'Coruna,' an advanced iPhone exploitation toolkit believed to be developed for US government use, has been obtained by foreign spy agencies and criminal groups. The toolkit's compromise could enable sophisticated surveillance operations against iPhone users globally.

Mar 4, 2026Hacker News (filtered)

mobile-securityios-exploitationgovernment-tools

🇺🇸Apple

mediumIndustry & Policy

Weekly Roundup: AI-Powered Threats Surge as Law Enforcement Scores Major Wins

International law enforcement achieved a major victory with 574 arrests in an African cybercrime operation, while security researchers warn that AI tools are dramatically lowering the barrier for sophisticated attacks. Meanwhile, vehicle tire sensors present new privacy risks and half of US CISOs are working unsustainable hours.

Mar 4, 2026Dark Reading, Infosecurity Magazine

threat-intelligenceartificial-intelligencelaw-enforcement

🇺🇸Amazon

mediumPrivacy & Surveillance

Prayer App Compromised to Send Surrender Messages to Iranians During Airstrikes

During Israeli airstrikes on Tehran, Iranians received push notifications through a compromised prayer app telling them "help is on the way" and promising amnesty if they surrender. This incident highlights the vulnerability of mobile applications to psychological warfare operations targeting civilian populations.

Mar 1, 2026WIRED Security

psyopsmobile-securitygeopolitical-hacking

highMalware & Threats

Week in Review: North Korean Ransomware, Telecoms Breach, and Mobile App Vulnerabilities

North Korean state hackers are deploying Medusa ransomware against US healthcare organizations while ShinyHunters claims a breach of Dutch telecom Odido affecting millions of users. Meanwhile, popular mental health apps contain vulnerabilities exposing sensitive medical data.

Feb 24, 2026BleepingComputer, Malwarebytes Labs

ransomwaredata-breachlazarus-group

🏴Medusa🇰🇵Lazarus🏴ShinyHunters🏴Anonymous🏴Play

🇺🇸Google

highMalware & Threats

Predator Spyware Hooks iOS SpringBoard to Bypass Recording Indicators

Intellexa's Predator spyware can hook iOS SpringBoard to hide recording indicators while secretly streaming camera and microphone feeds, bypassing Apple's privacy protections.

Feb 22, 2026BleepingComputer

ios-malwarepredator-spywaresurveillance

🇬🇷Intellexa🇺🇸Apple

mediumVulnerabilities & Exploits

Threat Roundup: AI Poisoning, Encrypted RCS, and Phishing TTPs

Microsoft exposes AI recommendation poisoning attacks, Apple tests E2EE RCS, and SANS analyzes fake incident report phishing tactics.

Feb 17, 2026The Hacker News, SANS ISC

ai-poisoningrcs-encryptionphishing-campaigns

🇺🇸Apple