Apple emergency patches

Apple pushed iOS 16.7.15, iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7 on March 11, 2026 as the emergency releases addressing the recent exploit disclosures. (macrumors.com) Google’s Threat Intelligence Group and iVerify published detailed analyses March 3–5, 2026 showing “Coruna” is an exploit kit made of five full exploit chains and 23 distinct exploits that targeted devices running iOS 13.0 through 17.2.1, with parts of the kit first observed in February 2025 and later used in watering‑hole and broad criminal campaigns. (cloud.google.com) Apple’s emergency updates enumerate four patched CVEs in the legacy releases (notably CVE‑2023‑41974, CVE‑2024‑23222, CVE‑2023‑43000 and CVE‑2023‑43010), covering one kernel vulnerability able to enable arbitrary kernel‑level code execution and three WebKit memory‑corruption flaws; several of these fixes were already introduced for newer iOS branches between 2023–2024. (securityweek.com) Independent researchers warn Coruna likely leaked from a government‑grade framework and moved into a secondary zero‑day market; iVerify likened the leak to an “EternalBlue moment,” while Google traced reuse to espionage groups (e.g., activity linked to UNC6353) and later financially motivated actors (e.g., UNC6691) across 2025–2026. (iverify.io)