Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

Netflix invented binge watching. Now he may be over it.

The ‘first’ ransomware attack run by AI still needed a human

You can now adjust the pace and expressiveness of Siri in the latest iOS 27 beta

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    The ‘first’ ransomware attack run by AI still needed a human

    7 July 2026

    If you use Google, you train its AI. See how you can opt out.

    6 July 2026

    Amazon will stop accepting new customers for Mechanical Turk

    6 July 2026

    Yes, we use OpenClaw to this day

    5 July 2026

    Midjourney wants Hollywood studios to reveal the details of their use of artificial intelligence

    5 July 2026
  • Apps

    You can now adjust the pace and expressiveness of Siri in the latest iOS 27 beta

    7 July 2026

    Apple is bringing back card payments for Apple Account purchases in India after a four-year hiatus

    6 July 2026

    WhatsApp now allows you to reserve usernames

    5 July 2026

    Podcasting platform Riverside is getting into the newsletter game

    4 July 2026

    Threads adds new features to Live Chats as it expands access

    4 July 2026
  • Crypto

    Venice AI goes unicorn with $65M Series A as first privacy AI platform takes off

    1 July 2026

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026
  • Fintech

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026

    Anthropic’s latest spat with the Trump administration may actually help it, sales figures suggest

    17 June 2026
  • Hardware

    US investors will soon have access to SK Hynix, another memory maker driving the AI ​​boom

    7 July 2026

    Smart glasses maker Even Realities hits $1 billion valuation with $150 million in funding led by Meituan, Tencent

    6 July 2026

    5 office gadgets that can make your work day better

    6 July 2026

    IQM, Europe’s first public quantum company, admits that the future of the technology is uncertain

    3 July 2026

    Thiel Capital’s Jack Selby commits stakes in hot startups like Etched through Arizona connections

    3 July 2026
  • Media & Entertainment

    Netflix invented binge watching. Now he may be over it.

    7 July 2026

    New Google ad imagines a Declaration of Independence written with the help of artificial intelligence

    4 July 2026

    Cloudflare’s new policy pushes AI companies to pay for publishers’ content

    1 July 2026

    Watch out, Amazon: The Kobo eReader now has a Goodreads rival

    29 June 2026

    YouTube Shorts just got even shorter with an update that lets you double the playback speed

    25 June 2026
  • Security

    Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

    6 July 2026

    Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

    3 July 2026

    The US government says it’s been hacked — again

    2 July 2026

    In major privacy victory, Supreme Court rules that geo-trafficking warrants are protected by privacy rights

    29 June 2026

    The Klue hack results in a data breach at several cybersecurity companies

    26 June 2026
  • Startups

    Station F emerges as a launch pad for Europe’s hottest AI startups

    6 July 2026

    Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

    4 July 2026

    The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

    3 July 2026

    Last chance to apply — Startup Battlefield Australia applications close on 6 July

    3 July 2026

    Arcturus could halve grid electrical losses using nano-infused metals

    2 July 2026
  • Transportation

    Chevy built an all-American EV truck — why isn’t anyone buying it?

    3 July 2026

    Rivian raises EV sales forecast as second-quarter production ramps up

    3 July 2026

    Lucid Motors CFO steps down as new CEO continues leadership shakeup

    2 July 2026

    Tesla begins testing Cybercab without pedals or steering wheel in Austin

    2 July 2026

    Lime is starting life as a public company after years of uncertainty

    1 July 2026
  • Venture

    What are bending spoons? The little-known owner of AOL and Vimeo who is now public

    5 July 2026

    After $18B IPO, Bending Spoons Founder Says Success Comes From Minimizing Luck

    2 July 2026

    Bending Spoons defies SaaS slump, up 40% on first day of trading

    2 July 2026

    The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

    1 July 2026

    Patronus AI lands $50 million to create ‘digital worlds’ that stress-test AI agents

    26 June 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know.
Security

A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know.

techtost.comBy techtost.com27 March 202606 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
A Major Hacking Tool Has Leaked Online, Putting Millions Of
Share
Facebook Twitter LinkedIn Pinterest Email

Security researchers have uncovered a series of cyberattacks targeting Apple customers around the world. The tools used in these hacking campaigns have been named Coruna and DarkSword and have been used by both government spies and cybercriminals to steal data from people’s iPhones and iPads.

It’s rare to see widespread hacks targeting iPhone and iPad users. In the past decade, the only precedents have been attacks against Muslim Uyghurs Chinaand against the people within Hong Kong.

Now, some of these powerful hacking tools have leaked online, potentially putting hundreds of millions of iPhones and iPads running out-of-date software at risk of data theft.

We break down what we know and don’t know about these latest iPhone and iPad hacking threats and what you can do to stay protected.

What is Coruna and DarkSword?

Coruna and DarkSword are two sets of advanced hacking tools that each contain a series of exploits capable of breaking into iPhones and iPads and stealing a person’s data, such as their messages, browser data, location history, and cryptocurrencies.

Security researchers who discovered the toolkits say Coruna’s exploits can hack iPhones and iPads running iOS 13 through iOS 17.2.1, which was released in December 2023.

DarkSword, however, contains exploits capable of hacking iPhones and iPads with newer devices running iOS 18.4 and 18.7, released in September 2025, according to Google security researchers investigating the code.

But the threat from DarkSword is more immediate to the general public. Someone leaked part of DarkSword and posted it on the code-sharing site GitHub, making it easy for anyone to download the malicious code and launch their own attacks targeting Apple users running older versions of iOS.

How do Coruna and DarkSword work?

These types of attacks are by definition stealthy and dangerous, as they can trap anyone who visits a specific website that hosts the malicious code.

Contact us

Do you have more information about DarkSword, Coruna, or other government hacking and spyware tools? From a non-working device, Lorenzo Franceschi-Bicchierai can be reached securely on Signal at +1 917 257 1382 or via Telegram, Keybase and Wire @lorenzofb or via email.

In some cases, victims can be compromised simply by visiting a legitimate website under the control of malicious hackers.

When victims are initially infected, Coruna and DarkSword exploit several vulnerabilities in iOS that allow hackers to essentially take complete control of the target’s device, allowing them to steal the individual’s personal data. The data is then uploaded to a web server run by the hackers.

At least some parts of the Coruna toolkit, as TechCrunch previously reported, were originally developed by Trenchant, a hacking and spyware unit within US defense contractor L3Harris that sells exploits to the US government and its top allies.

Kaspersky has also linked two exploits to the Coruna toolbox with Triangulation functiona sophisticated and possible government attack allegedly carried out against Russian iPhone users.

After Trenchant developed Coruna—somehow, it’s unclear how—those exploits found their way into the hands of Russian spies and Chinese cybercriminals, perhaps through one or more middlemen selling exploits on the underground market.

Coruna’s travels show again that powerful hacking tools, including those developed for the US under strict secrecy restrictions, can leak and proliferate out of control.

An example of this was in 2017 when an exploit developed by the US National Security Agency was leaked online that was capable of remotely hacking into Windows computers around the world. The same exploit was subsequently used in the devastating WannaCry ransomware attack, which hacked indiscriminately hundreds of thousands of computers around the world.

In the case of DarkSword, researchers observed attacks targeting users in China, Malaysia, Turkey, Saudi Arabia and Ukraine. It remains unclear who originally developed DarkSword, how it ended up in different hacking groups, or how the tools were leaked online.

It’s unclear who leaked and posted online on GitHub or why.

The hacking tools, seen by TechCrunch, are written in the web languages ​​HTML and JavaScript, making them relatively easy to set up and self-host anywhere by anyone looking to launch malicious attacks. (TechCrunch is not affiliated with GitHub as the tools can be used in malicious attacks.) Researchers posting on X have already tested the leaked tools by hacking into their own Apple devices running vulnerable versions of the company’s software.

DarkSword is now “essentially plug-and-play,” as Justin Albrecht, principal researcher at mobile security firm Lookout, explained to TechCrunch.

GitHub told TechCrunch that it has not removed the leaked code, but will keep it for security research.

“GitHub’s Acceptable Use Policies prohibit the publication of content that directly supports illegal active attacks or malware campaigns that cause technical damage,” GitHub’s web security advisor Jesse Geraci told TechCrunch. “However, we do not prohibit the publication of source code that could be used to develop malware or exploits, as the publication and distribution of such source code has educational value and provides a net benefit to the security community.”

Is my iPhone or iPad vulnerable to DarkSword?

If you have an iPhone or iPad that is out of date, you should consider updating immediately.

Apple told TechCrunch that users running the latest versions of iOS 15 through iOS 26 are already protected.

According to iVerification: “We strongly recommend updating to iOS 18.7.6 or iOS 26.3.1. This will mitigate all exploited vulnerabilities in these attack chains.”

According to Apple’s own statisticsnearly one in three iPhone and iPad users are still not running the latest iOS 26 software. This means there are potentially hundreds of millions of devices vulnerable to these hacking tools, since Apple advertises more than 2.5 billion active devices worldwide.

What if I can’t or don’t want to upgrade to iOS 26?

Apple also said that devices running Lockdown Mode, an additional security feature first introduced in iOS 16, also block these specific attacks.

Lockdown Mode is useful for journalists, dissidents, human rights activists, and anyone who believes they may be targeted for who they are or the work they do.

While Lockdown Mode isn’t perfect, there is no public evidence that hackers have so far been able to bypass its protections. (We’ve asked Apple if this claim still stands and will update if we hear back.) The lock feature was found to have prevented at least one attempt to install spyware on a human rights defender’s phone.

apple cyber security cybercrime Dark word evergreen Google hacker Hacking heres iOS iPhone iPhones Koruna leaked major millions online putting Risk Russia Stand-by tool Verify Zero-days
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleSilicon Valley’s two biggest dramas have crossed paths: LiteLLM and Delve
Next Article Netflix confirms it’s raising prices again
bhanuprakash.cg
techtost.com
  • Website

Related Posts

You can now adjust the pace and expressiveness of Siri in the latest iOS 27 beta

7 July 2026

Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

6 July 2026

If you use Google, you train its AI. See how you can opt out.

6 July 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

Netflix invented binge watching. Now he may be over it.

7 July 2026

The ‘first’ ransomware attack run by AI still needed a human

7 July 2026

You can now adjust the pace and expressiveness of Siri in the latest iOS 27 beta

7 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026

4 days left to save up to $190 on Founder Summit 2026

23 June 2026
Startups

Station F emerges as a launch pad for Europe’s hottest AI startups

Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.