Apple's iOS 26 Security Improvements Overshadowed by Leaked Hacking Tools

Apple’s iOS 26 introduced security improvements, but leaked hacking tools—including those attributed to Chinese and Russian state-linked groups—continue to expose millions of older iPhones to spyware attacks. Cybersecurity firm Lookout identified the tools, dubbed Darksword and Coruna, which exploit unpatched zero-day vulnerabilities in iOS versions predating iOS 26. The leaks, reportedly originating from compromised government contractors, enable attackers to deploy spyware without user interaction, targeting devices in China, Russia, and other regions. While Apple’s iVerify security app now detects such threats, the tools remain active in the wild, affecting devices running iOS 15 and earlier. No specific CVE IDs or exact victim counts were disclosed, though the article notes the tools’ persistence despite Apple’s mitigations.