CISA Directs Federal Agencies to Patch iOS Vulnerabilities Exploited in Cyberespionage and Cryptocurrency Theft

CISA directed U.S. federal agencies to patch three iOS security vulnerabilities exploited in cyberespionage and cryptocurrency theft attacks leveraging the Coruna exploit kit. The agency issued the directive without specifying exact dates, CVEs, or technical details of the flaws. The attacks targeted Apple devices and were associated with both spyware deployment and financial theft. No specific impacted versions of iOS or affected agencies were disclosed in the notice. The directive applies to federal civilian executive branch agencies under CISA’s authority.