Apple Issues Urgent Warning: Update iOS 13 and 14 Immediately to Block Active Exploits

Apple is urgently advising iPhone users running older software, specifically iOS 13 and iOS 14, to immediately upgrade to iOS 15 to prevent severe cyberattacks. This critical alert is aimed at users who have delayed system updates, warning them that their devices are highly susceptible to data theft via malicious web content. By updating, users can instantly patch vulnerabilities that are currently being exploited in the wild.

According to a support document released by the company, hackers are actively deploying iOS exploit kits known as "Coruna" and "DarkSword." These sophisticated tools are designed to take advantage of security flaws present in iOS 13 through iOS 17.2.1. Apple has been patching these vulnerabilities over the last several months, meaning users on the newest available versions are already shielded from these circulating malicious links.

Users currently running updated versions of iOS 15 through iOS 26 are considered safe from this specific threat. To address the ongoing risk, Apple released new iOS 15 and iOS 16 updates on March 11. Furthermore, iPhone users who remain on outdated software will receive a prominent alert to install a Critical Security Update in the coming days.

Fortunately, all iPhones capable of running iOS 13 or iOS 14 can be upgraded to iOS 15, meaning no device is permanently stranded on these vulnerable versions. As a baseline defense, Apple protects users through the Apple Safe Browsing feature in Safari, which is enabled by default and blocks known malicious URL domains.

For users who cannot immediately update, or those facing severe threats, Lockdown Mode offers an extreme level of protection. Available in iOS 16 or later, this feature neutralizes hacking vectors by blocking complex web technologies and message attachments. However, Apple notes that Lockdown Mode is designed specifically for individuals at risk of state-sponsored attacks, rather than the everyday iOS user.

While these exploit kits are highly effective against outdated devices, their deployment has been geographically concentrated. Currently, there is no evidence that the hacking tools have targeted individuals in the United States. Instead, the attacks have been observed in Ukraine, China, Saudi Arabia, Turkey, and Malaysia.

The emergence of the "Coruna" and "DarkSword" exploit kits highlights a growing trend where cybercriminals weaponize older, unpatched vulnerabilities rather than burning expensive zero-day exploits. Apple's decision to push a Critical Security Update alert to legacy devices underscores the severity of the threat landscape in 2026. Users must abandon the habit of delaying updates, as the window between a vulnerability's discovery and its active exploitation is shrinking rapidly.

Which iOS versions are vulnerable to the Coruna and DarkSword exploits?
Devices running iOS 13 through iOS 17.2.1 are vulnerable if they have not installed the latest security patches.

How can I protect my iPhone from these malicious web attacks?
The most effective protection is to immediately update your device to the latest available software, such as the recent iOS 15 or iOS 16 updates released on March 11, or newer versions up to iOS 26.

What is Lockdown Mode and should I use it?
Lockdown Mode is an extreme security measure available in iOS 16 and later that blocks potential hacking vectors. It is intended only for users who suspect they are targets of highly sophisticated, state-sponsored cyberattacks.