![\"\"](\"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiN7dxzt-3rxkQ1A-6Sd9EzxINF3V70WAx4hsUUNPofdWcCO6hp0vEHavIsQsCUyXY7hOUOk7kDGIt2zN__gnigtzyYJyc31aiwpivHd4GEMPh0CHZHIBm58PtiyDXn7XNzI4hoZzmqVpErPty3VvEoyZCC4heyU0FE0uvM8_Ad_mWtXpSj5bcLIcTBwLNi/s1600/apple.jpg\")
Apple has started sending Lock Screen notifications to iPhone and iPad users with older versions of iOS and iPadOS to warn them about web-based attacks and encourage them to update their devices.
According to a report by MacRumors, Apple is actively alerting users about potential attacks targeting outdated iOS software and advising them to install a critical update to safeguard their devices.
This move follows Apple’s recent release of a support document urging users with older iOS and iPadOS versions to update their devices, citing the discovery of new iOS exploit kits such as Coruna and DarkSword.
Various threat actors with different motives have been exploiting these kits to deliver malicious payloads through compromised websites. While Coruna targets iOS versions 13.0 to 17.2.1, DarkSword focuses on iPhones running iOS versions 18.4 to 18.7.
A recent report by Kaspersky revealed that the Coruna exploit kit is an advanced version of the framework used in Operation Triangulation, a campaign that targeted iPhones through zero-click iMessage exploits since June 2023.
Kaspersky described Coruna as a continuously updated framework, not simply a collection of public exploits, raising concerns about the availability of zero-day exploits in the underground market.
The emergence of these exploit kits, along with the leak of a newer DarkSword version, has sparked fears of widespread exploitation and increased vulnerability of iPhones and iPads to spyware attacks.
Users unable to update to supported iOS versions are advised to enable Lockdown Mode, introduced in 2022 for devices running iOS 16 and later, to mitigate risks from malicious web content.
Apple has reassured users that no Lockdown Mode-enabled device has fallen victim to spyware attacks, emphasizing the importance of keeping devices updated and secure.
