[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fHOMnTZP8ttlNDjBjAKeSo3x2XUa2EVu-EKVMjvBuDfI":3},{"lesson":4},{"id":5,"slug":6,"article_id":7,"title":8,"body":9,"prevention":10,"framework_refs":11,"status":17,"created_at":18,"published_at":19,"article":20,"tags":23},"26ba5570-7165-4252-9cb4-74a3cf32505f","critical-ios-exploits-target-unpatched-devices","d64bd82e-78e0-41fb-a159-368a72f79c7b","Critical iOS Exploits Target Unpatched Devices","Apple is urgently notifying users of older iOS devices about active web-based attacks exploiting unpatched vulnerabilities. Two sophisticated exploit kits, Coruna and DarkSword, are being used by multiple threat actors to compromise devices running outdated iOS versions. The situation is particularly concerning because these exploits appear to democratize access to previously nation-state-level attack capabilities. This demonstrates how delayed patching creates windows of opportunity for attackers to weaponize known vulnerabilities at scale.","**Immediate actions:**\n- This incident could have been prevented through consistent and timely patch management practices\n- Users should enable automatic updates on their iOS devices to ensure critical security patches are applied immediately upon release\n- Regular vulnerability assessments and maintaining an inventory of all mobile devices helps ensure no devices are overlooked during critical security updates\n- security awareness training should emphasize the importance of keeping devices updated and recognizing potential security threats\n\n**Detection measures:**\n- Organizations managing iOS devices should implement mobile device management (MDM) solutions to enforce update policies and monitor device compliance",[12,13,14,15,16],"CIS Control 7","NIST SP 800-40","NIST SP 800-124","ISO 27001 A.12.6.1","OWASP Mobile Top 10","published","2026-03-27T19:09:15.884752+00:00","2026-03-27T19:09:15.577+00:00",{"id":7,"url":21,"title":22},"https:\u002F\u002Fthehackernews.com\u002F2026\u002F03\u002Fapple-sends-lock-screen-alerts-to.html","Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits",[24,30],{"id":25,"name":26,"slug":27,"description":28,"color":29},"05757c8d-6b93-4194-b35d-7359e7d33b0e","Vulnerability Management","vulnerability-management","Missing scans, no risk prioritization","#fb923c",{"id":31,"name":32,"slug":33,"description":34,"color":35},"af7fce9e-1ce8-4156-93bc-09dcfbfdf29d","Patch Management","patch-management","Unpatched vulnerabilities, delayed updates","#ef4444"]