Apple made strides with iOS 26 security, but leaked hacking tools still leavemillions exposed to spyware attacks

Recent research reveals that despite enhanced security in iOS 26, millions of iPhone users running outdated software remain vulnerable to spyware attacks from hacking tools such as Coruna and DarkSword. Major cyber threats from Russian and Chinese agents exploit these vulnerabilities, underscoring the need for consistent software updates to combat these growing risks.

Key Points

• iOS was previously considered secure, making spyware attacks rare due to the difficulty of finding vulnerabilities.
• New hacking tools, Coruna and DarkSword, have emerged, targeting users on older iOS versions.
• Hackers exploit memory corruption bugs prevalent in outdated iOS, allowing for broad-scale attacks.
• Apple has introduced security features in iOS 26, but many users remain on older versions, creating two classes of security among iPhone users.
• Experts suggest that the perception of rare iPhone hacks may be wrong, as documented cases are scarce but attacks are widespread.
• A second-hand market for exploits is emerging, incentivizing brokers to sell previously patched vulnerabilities, leading to recurring attacks.

Relevance

• The rise of mobile spyware parallels wider 2025 IT trends, where increasing cybersecurity threats specifically target mobile device users.
• Historical context shows that as operating systems evolve, so do hacking techniques, indicating a persistent cybersecurity challenge.
• The growth in exploit resale markets reflects a darker trend in cybersecurity, emphasizing the need for continual advancement in protective measures.

The ongoing struggle with mobile security highlights the importance of updating software regularly, fostering awareness among users regarding emerging threats due to outdated systems, and necessitating innovative solutions in cybersecurity.