Apple pushes emergency iOS fixes
Apple pushed emergency security updates for older iPhones and iPads to patch the “Coruna” exploit kit—shipping fixes in iOS 15.8.7 and iOS 16.7.15 reported. The company is also rolling out iOS 26.4 (expected March 23) with new customization and AI features—changes that will affect privacy and app hooks for location-based engagement announced.
Security researchers found the Coruna exploit kit operating on malicious Chinese websites and capable of chaining as many as 23 different WebKit and kernel attacks [PCMag, turn0search14]. Apple published security notes for iOS 15.8.7 and iOS 16.7.15 that backport fixes to older devices and list the specific affected models—iPhone 6s, iPhone 7, iPhone SE (1st gen), iPad Air 2, iPad mini 4, and iPod touch (7th gen) [Apple Support, turn0search4]. Analysts and reporting tied Coruna activity to campaigns focused on cyber-espionage and cryptocurrency theft, prompting Apple’s emergency backports after the same WebKit/kernel fixes were already shipped for newer releases earlier (e.g., iOS 16.6, iOS 17.2/17.3) [BleepingComputer, turn0search8][Apple Support, turn0search4]. Apple seeded iOS 26.4 developer beta 4 on March 9, 2026, and the official beta notes list “Maps & Location” among the platform technologies that developers should test against for API or behavioral changes [Apple Developer release, turn1search3]. Apple’s MapKit documentation shows developer-facing location tools like MapKit, MapKit JS and the Apple Maps Server API (used for POIs, placemarks and reduced-device-power geosearch), meaning any Maps & Location tweaks in 26.4 will surface at the API level and require dev testing against those frameworks [MapKit docs, turn5search6].
