Hackers Used New Exploit Kit to Compromise Thousands of iPhones

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime.
SecurityWeek

Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks

The Coruna exploit kit has 23 exploits targeting iOS devices, previously used in Russian attacks and now in cybercrime ...

Google uncovers iOS exploit kit used in crypto phishing attacks

The Google Threat Intelligence Group says it found an iPhone exploit kit that could crack the device and sniff out crypto wallets, apps and seed phrases to steal funds.

Nigerian Prince Scams Evolve To Exploit War In The Middle East

Scammers are exploiting the Israel/U.S.-Iran conflict with offers of huge payments in return for help with stranded veterans ...

Google: Cloud attacks exploit flaws more than weak credentials

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.
Golf Digest

Players 2026: How pros use data to exploit a clever aiming loophole

When you sit down to watch the 2026 Players Championship this week, you may spot something interesting happening at TPC Sawgrass. Players breaking their own course strategy rules; aiming at pins they ...

New ‘Powerful’ iOS Attack Warning Issued To Millions Of iPhone Users

An iOS warning has been issued by researchers after they discovered “a new and powerful” exploit kit targeting Apple iPhones. Here's what you need to know.
CSO Online

Zero-day exploits hit enterprises faster and harder

Chinese state hackers and spyware vendors are fueling a rise in zero-day attacks, which increasingly target enterprise software and devices — security and networking products in particular.
SecurityWeek

How to 10x Your Vulnerability Management Program in the Agentic Era

The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation.

The ‘attorney model’ loophole: How debt relief companies scam people seeking help

When Coya Davis sought help for her $27,000 debt, she thought she found a lifeline. Instead, she entered a predatory scheme where debt settlement firms “rent” law licenses to charge illegal fees.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Google says 90 zero-days were exploited in attacks last year

Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half of them in enterprise software and appliances.