Possible U.S.-developed exploits linked to first known \u2018mass\u2019 iOS attack | CyberScoop<\/title> <meta name=\"description\" content=\"Researchers uncover "Coruna," a sophisticated iOS exploit kit likely leaked from a U.S. government framework. Linked to mass-scale iPhone attacks and Russian espionage, this discovery marks a potential "EternalBlue moment" for mobile security.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Possible U.S.-developed exploits linked to first known \u2018mass\u2019 iOS attack\"> <meta property=\"og:description\" content=\"Researchers uncover "Coruna," a sophisticated iOS exploit kit likely leaked from a U.S. government framework. Linked to mass-scale iPhone attacks and Russian espionage, this discovery marks a potential "EternalBlue moment" for mobile security.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-03-03T22:42:01+00:00\"> <meta property=\"article:modified_time\" content=\"2026-03-03T22:42:04+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Tim Starks\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@timstarks\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1770142553g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1770755286g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1767808656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/88018\"><meta name=\"generator\" content=\"WordPress 6.8.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=88018\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcoruna-ios-exploit-kit-leaked-us-framework%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcoruna-ios-exploit-kit-leaked-us-framework%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-88018 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.6\">\n<div class=\"single-article__header-content\" readability=\"34.303664921466\">\n<p> Researchers traced the kit moving from a spyware vendor\u2019s customer to Russian hackers to Chinese cybercriminals. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/88018\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> The Apple logo appears on a mobile phone screen in this photo illustration in Brussels, Belgium, on Feb. 26, 2026. (Photo by Jonathan Raa\/NurPhoto) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"35.310193321617\"><body readability=\"74.099315068493\"><\/p>\n<p>An exploit kit that may have originated from a leaked U.S. government framework is behind what researchers are calling the first mass-scale attack on iOS, the operating system for Apple\u2019s iPhones.<\/p>\n<p>Traces of the exploits, found in the work of Chinese cybercriminals, also have been spotted in Russian attacks on Ukraine and used by a customer of a spyware vendor.<\/p>\n<p>Those conclusions come from two pieces of research that <a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/coruna-powerful-ios-exploit-kit\">Google Threat Intelligence Group<\/a> and <a href=\"https:\/\/iverify.io\/press-releases\/first-known-mass-ios-attack\">iVerify<\/a> released separately Tuesday. Rocky Cole, co-founder of iVerify, said it represented a potential \u201cEternalBlue moment,\u201d with echoes of that exploit software escaping the National Security Agency to fuel the global WannaCry ransomware and NotPetya attacks in 2017.<\/p>\n<p>Google said that the so-called Coruna exploit kit that\u2019s the subject of Tuesday\u2019s research \u201cprovides another example of how sophisticated capabilities proliferate,\u201d as it wrote in a blog post about the zero-day \u2014 or previously undisclosed and unpatched \u2014 exploits.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cHow this proliferation occurred is unclear, but suggests an active market for \u2018second hand\u2019 zero-day exploits,\u201d Google wrote. \u201cBeyond these identified exploits, multiple threat actors have now acquired advanced exploitation techniques that can be re-used and modified with newly identified vulnerabilities.\u201d<\/p>\n<p>Said iVerify: \u201cWhile iVerify has some evidence that this tool is a leaked U.S. government framework, that shouldn\u2019t overshadow the knowledge that these tools will find their way into the wild and will be used unscrupulously by bad actors.\u201d<\/p>\n<p>Just last week, a U.S. court sentenced a former L3 Harris executive to prison for <a href=\"https:\/\/cyberscoop.com\/l3harris-executive-peter-williams-sentenced-zero-day-exploits-russia\/\">selling zero-day exploits<\/a> to a Russian broker.<\/p>\n<p>Both Google and iVerify connected the exploit kit to Operation Triangulation, which Russian cybersecurity firm Kaspersky said in 2023 had targeted the company and the Russian government <a href=\"https:\/\/cyberscoop.com\/russian-apple-nsa-iphone-spying\/\">attributed to the U.S. government<\/a>. The NSA declined to comment on that allegation.<\/p>\n<p>An Apple spokesperson didn\u2019t respond to a request for comment Tuesday afternoon. Apple issued <a href=\"https:\/\/cyberscoop.com\/apple-os-update-spyware\/\">multiple patches<\/a> in response to Operation Triangulation, and worked with Google on the newest research.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Spencer Parker, chief product officer at iVerify, said the attack affected at least 42,000 devices \u2014a \u201cmassive number\u201d for iOS, even if it sounds small to other platforms. That number has the potential to expand as researchers dive further into the technical details, Cole said.<\/p>\n<p>Other signs point to U.S. development of the exploit kit, Cole said.<\/p>\n<p>\u201cThe code base for the framework and the exploits was superb,\u201d he said. \u201cIt was elegantly written. It\u2019s fluid and holds together very well. There were comments in the code that, as someone who\u2019s been around the U.S. defense industrial base for years, really are reminiscent of the sort of insider jokes and insider remarks that you might see from a U.S. based coder. Certainly they were native English language speakers.\u201d<\/p>\n<p>Google said it tracked the use of the exploit kit over the course of last year in operations from an unnamed customer of a surveillance vendor to attacks on Ukrainian users from a suspected Russian espionage group, before retrieving the complete exploit kit from a financially motivated group operating out of China.<\/p>\n<p>Apple-focused security researcher Patrick Wardle observed on the <a href=\"https:\/\/x.com\/patrickwardle\/status\/2028925404497822178\">social media site X<\/a> about the Coruna research: \u201cTurns out even lowly cybercriminals were (ab)using 0days to hack Apple devices.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\" readability=\"7.7216117216117\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack-1.jpg?w=640&ssl=1\" alt=\"Tim Starks\"> <\/figure>\n<\/p><\/div>\n<div class=\"author-card__details\" readability=\"10.901098901099\">\n<h4 class=\"author-card__name\">Written by Tim Starks<\/h4>\n<p> Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he’s covered cybersecurity since 2003. Email Tim here: <a href=\"mailto:tim.starks@cyberscoop.com\">tim.starks@cyberscoop.com<\/a>. <\/div>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Possible U.S.-developed exploits linked to first known \u2018mass\u2019 iOS attack<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[303,271,6091,282,1110,387,3729,3586,3261,483,5289,4596,6092,46,256,270,482,6093,1170],"tags":[307,277,6094,286,1111,391,3731,3588,3262,485,5293,4600,6095,54,262,276,484,6096,1171],"class_list":["post-8394","post","type-post","status-publish","format-standard","hentry","category-apple","category-china","category-coruna","category-cybercrime","category-eternalblue","category-google","category-google-threat-intelligence-group","category-ios","category-iverify","category-kaspersky","category-l3harris","category-notpetya","category-operation-triangulation","category-ransomware","category-research","category-russia","category-spyware","category-wannacry","category-zero-days","tag-apple","tag-china","tag-coruna","tag-cybercrime","tag-eternalblue","tag-google","tag-google-threat-intelligence-group","tag-ios","tag-iverify","tag-kaspersky","tag-l3harris","tag-notpetya","tag-operation-triangulation","tag-ransomware","tag-research","tag-russia","tag-spyware","tag-wannacry","tag-zero-days"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/apple\/\" rel=\"category tag\">Apple<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/china\/\" rel=\"category tag\">China<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/coruna\/\" rel=\"category tag\">Coruna<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/eternalblue\/\" rel=\"category tag\">EternalBlue<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google\/\" rel=\"category tag\">Google<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google-threat-intelligence-group\/\" rel=\"category tag\">Google Threat Intelligence Group<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ios\/\" rel=\"category tag\">iOS<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/iverify\/\" rel=\"category tag\">iVerify<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/kaspersky\/\" rel=\"category tag\">Kaspersky<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/l3harris\/\" rel=\"category tag\">L3Harris<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/notpetya\/\" rel=\"category tag\">NotPetya<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/operation-triangulation\/\" rel=\"category tag\">Operation Triangulation<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ransomware\/\" rel=\"category tag\">ransomware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/russia\/\" rel=\"category tag\">Russia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/spyware\/\" rel=\"category tag\">spyware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/wannacry\/\" rel=\"category tag\">WannaCry<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-days\/\" rel=\"category tag\">zero-days<\/a>","tag_info":"zero-days","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8394","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8394"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8394\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8394,"date":"2026-03-03T16:42:01","date_gmt":"2026-03-03T22:42:01","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=88018"},"modified":"2026-03-03T16:42:01","modified_gmt":"2026-03-03T22:42:01","slug":"possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/03\/03\/possible-u-s-developed-exploits-linked-to-first-known-mass-ios-attack\/","title":{"rendered":"Possible U.S.-developed exploits linked to first known \u2018mass\u2019 iOS attack"},"content":{"rendered":"