Breaking AI & Tech News Analyzed

Russia has officially designated Pavel Talankin, the main protagonist of the Oscar-winning documentary 'Mr Nobody Against Putin', as a 'foreign agent'. This move comes after Talankin, a teacher and videographer, spent two years documenting pro-war propaganda at a school in the Chelyabinsk region of west-central Russia.Talankin, in collaboration with US director David Borenstein, won the Best Documentary award at the Academy Awards earlier this month. The documentary features footage Talankin smuggled out of Russia in 2024, showcasing how students were exposed to pro-war messaging.A Russian court recently banned the documentary from several streaming platforms, citing that it promoted 'negative attitudes' about the Russian government and the war in Ukraine. Since Russia's full-scale military invasion of Ukraine in February 2022, Russian authorities have sought to suppress opposition to the war and rally support among citizens.As a 'foreign agent', Talankin is subject to stringent bureaucratic requirements and income restrictions in Russia. He is also obligated to label his social media posts and publications with the 'foreign agent' designation.In his Oscar acceptance speech on March 15, 2026, Talankin urged an end to global conflicts, stating, 'Stop all of these wars now'. The documentary has sparked controversy, with some Russians opposing Putin and the war criticizing Talankin for filming colleagues and children without consent.

Ukraine has announced a defence agreement with Saudi Arabia, described by President Volodymyr Zelenskyy as a mutually beneficial arrangement. The deal, which lays the groundwork for future contracts and technological cooperation, was made ahead of a meeting with Saudi Crown Prince Mohammed bin Salman.Zelenskyy stated that the agreement will facilitate technological cooperation and investment between the two nations. Saudi Arabia has not officially confirmed the pact.The partnership comes at a time when Gulf countries, including Saudi Arabia, are under attack by Iran. Since the US and Israel began their military campaign against Tehran on February 28, Riyadh has intercepted hundreds of drones and dozens of missiles. On Friday, the Saudi defence ministry reported that at least six missiles were intercepted.Ukraine, which has long battled Russian drones, is well-positioned to assist Gulf countries in countering Iranian attacks. Kyiv has become a major producer of cheap but efficient interceptor drones to counter Moscow's waves of drone attacks. In one of Russia's largest wartime aerial attacks on Ukraine, it launched 948 drones within 24 hours, killing two people.“This winter alone, Russia launched over 19,000 drones into Ukraine, just to give some perspective on how much experience they do have in shooting down drones,” said Al Jazeera’s Audrey MacAlpine, reporting from Kyiv. Ukraine has deployed 201 anti-drone experts to the Middle East to assist in the defence against Iranian attacks.

The Coruna and DarkSword Threat For years, the prevailing narrative among iPhone security experts was that breaking through Apple's defenses was a rare, high-barrier event requiring significant resources. However, recent investigations by Google, iVerify, and Lookout have shattered this assumption. Researchers have documented broad-scale hacking campaigns utilizing two specific tools, Coruna and DarkSword, which have been used to target victims globally who are not running the latest software updates. Attack Vectors: Hackers are compromising legitimate websites and creating fake pages to deliver spyware. Key Actors: Involvement of Russian spies and Chinese cybercriminals. Tool Availability: The source code for these tools has leaked online, allowing anyone to launch attacks against older iPhones. The Two-Tier iPhone Security Landscape The discovery of Coruna and DarkSword highlights a critical data point in the current security ecosystem: the existence of two distinct classes of iPhone users. This bifurcation is driven by the introduction of Memory Integrity Enforcement in iOS 26, a feature designed to prevent memory corruption bugs—the very vulnerabilities exploited by DarkSword. Class A (Secure): Users on the latest iPhone 17 models running iOS 26 are protected by memory-safe code and Lockdown Mode, making them resistant to these specific memory-based hacks. Class B (Vulnerable): Users running iOS 18 or older versions remain exposed to memory corruption attacks, as these older systems lack the new safety enforcement layers. Challenging the 'Rare Hack' Myth The widespread use of these leaked tools suggests that spyware attacks are becoming more common and less exclusive. This shift is fueled by a thriving "second-hand" market for exploits, where brokers resell vulnerabilities before they are patched. Experts argue that the rarity of iPhone hacks has been overstated simply because they are rarely documented. As noted by Patrick Wardle, the baseline capability for such attacks is now accessible to a wider range of actors, moving beyond state-sponsored actors to include cybercriminals. The End of the 'Rare Hack' Era The future of mobile security appears to be one of continuous escalation. With the code for Coruna and DarkSword now public, the barrier to entry for launching attacks against older devices has lowered significantly. This indicates that memory-based exploits will continue to plague lagging users, and the market for exploit development will likely expand as brokers seek to monetize vulnerabilities before updates are applied.

A high-stakes diplomatic effort is underway as a delegation of Russian officials has arrived in the United States for meetings with their American counterparts. This visit, which began on Thursday, marks a significant development in the strained relations between Moscow and Washington, particularly over Moscow's ongoing war in Ukraine.Kremlin spokesperson Dmitry Peskov expressed optimism about the talks, stating, 'We hope that these first tentative steps will, of course, make their contribution to the further revival of our bilateral engagement.' President Vladimir Putin has set the main directives for the trip and will be thoroughly briefed on the meeting.The visit occurs against the backdrop of US-brokered talks to end the war in Ukraine, which are currently in a state of limbo. Despite several rounds of negotiations since US President Joe Biden's administration took office, a deadlock persists, with the Kremlin ruling out compromises to halt its military campaign.Russia, a key ally of Iran, has been accused by Western intelligence officials of supporting the Iranian government as it faces a war launched by the US and Israel. A recent report alleged that Russia was close to completing a shipment of drones to Iran, which Moscow has vehemently denied, calling such claims 'lies being spread by the media.'In a related development, Russia has intensified its military actions in Ukraine, carrying out one of the largest aerial attacks since the start of the war, launching 948 drones in 24 hours. This escalation has prompted Ukraine's President Volodymyr Zelenskyy to appeal for air defence munitions from allies, warning of a potential deficit in missiles while Washington focuses on the US-Israeli conflict with Iran.

North Korean leader Kim Jong Un and Belarusian President Alexander Lukashenko have signed a friendship treaty aimed at deepening ties between their countries. Both leaders are close allies of Russian President Vladimir Putin.The treaty was signed on Thursday during Lukashenko's two-day trip to Pyongyang. He told Kim that relations between their countries were entering a 'fundamentally new stage', according to the Belarusian state news agency Belta.Lukashenko emphasized the need for independent countries to cooperate closely in today's global transformation, where global powers often ignore and violate international law. Kim expressed opposition to undue pressure on Belarus from the West.The North Korean leader gave Lukashenko a lavish welcome, including a white-horsed cavalry, flag-waving children, and a 21-cannon salute. Both nations have backed Russia's war in Ukraine.Kim has reportedly provided Moscow with ammunition and sent soldiers to help Russia expel Ukrainian forces from its western region of Kursk in 2024. Lukashenko allowed Belarus to be used as a launchpad for Russia's invasion in February 2022 and has agreed to allow Russian tactical nuclear missiles on its territory.The Belarusian leader, in power since 1994, is politically and economically dependent on Putin. North Korea and Belarus conduct a small volume of trade but share long experience of surviving under international sanctions. North Korea has been sanctioned due to its nuclear and ballistic missile programs, and Belarus over its human rights record and backing for Putin in Ukraine.

The Dual Threat: Coruna and DarkSwordSecurity researchers have identified two distinct but equally dangerous hacking toolkits, Coruna and DarkSword, that have leaked onto the open web. These advanced exploit kits, capable of breaking into iPhones and iPads, were originally developed for high-level government surveillance but are now available for anyone to download.Coruna: Targets iOS 13 through 17.2.1. Linked to Trenchant, a unit within U.S. defense contractor L3Harris, and previously used in Operation Triangulation against Russian targets.DarkSword: Targets iOS 18.4 and 18.7. Leaked on GitHub, making it "plug-and-play" for cybercriminals.The Scale of VulnerabilityThe scale of this exposure is staggering. According to Apple's statistics, nearly one-in-three iPhone and iPad users are still not running the latest software. With over 2.5 billion active devices globally, this implies hundreds of millions of users are susceptible to these attacks.DarkSword is particularly concerning because it targets newer devices running iOS 18.4 and 18.7. Researchers have already tested the leaked code, successfully hacking their own devices to demonstrate the ease of use.From State-Sponsored Espionage to Public ExploitationThis leak marks a dangerous shift in the cybersecurity landscape. Historically, sophisticated tools like Coruna were the domain of state-sponsored actors targeting specific regions, such as the Uyghurs in China or activists in Hong Kong.However, the release of DarkSword represents a move toward indiscriminate cybercrime. The tool is written in web languages like HTML and JavaScript, allowing attackers to launch attacks simply by hosting a malicious website. Victims in China, Malaysia, Turkey, Saudi Arabia, and Ukraine have already been targeted.The Future of Zero-Day WeaponizationThe leak of these tools mirrors the infamous 2017 WannaCry ransomware attack, which was fueled by leaked NSA exploits. Once powerful zero-day vulnerabilities are released into the wild, they are nearly impossible to fully contain.Experts recommend immediate action: users must update to iOS 18.7.6 or iOS 26.3.1. For high-risk individuals, enabling Lockdown Mode remains the most effective defense, as there is currently no public evidence of hackers bypassing its protections.

Russia has carried out one of its largest aerial attacks on Ukraine, launching 948 drones in a 24-hour period as it moves troops and equipment to the front line in what appears to be the start of its new offensive.The attacks have resulted in civilian casualties, with two people killed in the western Ukrainian city of Ivano-Frankivsk and one person killed in the region of Vinnytsia. The city of Lviv has also been targeted, with footage showing a drone crashing into an old building next to a church in the historic centre.Ukraine's President Volodymyr Zelenskyy has issued a new appeal for allies to supply Kyiv with air defence munitions, warning that Kyiv will face a deficit of missiles while Washington is focused on the US-Israeli war on Iran.The Institute for the Study of War (ISW) has reported that Russia has moved heavy equipment and more troops to the front line, with General Oleksandr Syrskii, the commander-in-chief of Ukraine's armed forces, saying Russian troops have made simultaneous attempts to break through defensive lines in several strategic areas.Russia's new offensive is seen as an escalation of its war of attrition, which has been unable to capture cities but has made incremental gains across rural areas.

The UK government has taken a significant step in its ongoing efforts to counter Russia's attempts to evade Western sanctions. Armed forces have been authorized to board Russian oil tankers in British waters, a move aimed at disrupting Moscow's 'shadow fleet' of vessels.This fleet, comprising over 600 vessels targeted by sanctions from the EU, UK, and US, uses tactics such as false national flags and opaque ownership structures to export Russian crude oil while avoiding Western sanctions. The new rules apply specifically to vessels sanctioned by the UK.The Royal Navy has previously collaborated with allies to take action against these vessels. For instance, last week it helped track a sanctioned Russian oil tanker in the Mediterranean, which was subsequently boarded by the French navy.The UK's move is part of a broader strategy to hamper Russia's economy and, consequently, its war efforts in Ukraine. Prime Minister Starmer emphasized that the goal is to 'starve Putin's war machine of the dirty profits that fund his barbaric campaign in Ukraine.'However, Russia has warned that direct action against shadow fleet vessels could lead to direct conflict. A senior Russian official, Nikolai Patrushev, suggested that Moscow could deploy its navy to protect Russian-linked vessels from potential European seizures.The UK's defense secretary, John Healey, previously suggested using 'military options' against sanctioned vessels, with any seized oil potentially being sold and the proceeds sent to Ukraine.Before any ship is boarded, its situation will be examined by law enforcement, military, and energy market specialists, with a recommendation made to ministers. Seizure could be followed by criminal proceedings against the owners, operators, and crew for breaches of UK sanctions legislation.

The Anatomy of the DarkSword LeakSecurity researchers have uncovered a significant escalation in iPhone vulnerabilities following the public release of the DarkSword exploit kit on the code-sharing site GitHub. Unlike sophisticated zero-days that require specialized knowledge to deploy, the leaked files are uncomplicated HTML and JavaScript scripts that can be hosted on a server in a matter of minutes. This accessibility has turned a tool previously associated with state-sponsored actors into a potential weapon for any criminal actor.The toolkit specifically targets iPhones and iPads running older versions of Apple’s operating system, such as iOS 18, which have not yet been updated to the latest iOS software. The code is designed to work "out of the box," meaning no iOS expertise is required to execute the attack. Researchers note that the leaked samples share infrastructure with previous campaigns analyzed by iVerify and Google, indicating a continuity in the threat landscape.The Scale of the VulnerabilityThe implications of this leak are vast, given the sheer number of devices potentially affected. According to Apple’s own data, approximately one-quarter of all iPhone and iPad users are still running older operating systems. With over 2.5 billion active devices globally, this suggests that hundreds of millions of users are currently exposed to the capabilities of DarkSword.Targeted Data: The exploit is capable of exfiltrating forensically relevant files, including contacts, messages, call history, and the iOS keychain (which stores Wi-Fi passwords and secrets).Historical Context: DarkSword was previously alleged to be used by Russian government hackers against Ukrainian targets, linking this new leak to geopolitical cyber warfare.From State-Sponsored to Criminal PlaygroundThe ease with which DarkSword can be repurposed has raised alarms within the cybersecurity community. Matthias Frielingsdorf, co-founder of mobile security startup iVerify, described the situation as "bad" and warned that the tool cannot be contained. The transition of such advanced spyware from a restricted government tool to a public commodity lowers the barrier to entry for cybercriminals.Kimberly Samra of Google and security hobbyist matteyeux have independently confirmed that the leaked code is trivial to use. Matteyeux successfully demonstrated the exploit on an iPad mini running iOS 18, proving that the threat is immediate and actionable for malicious actors.The Future of iOS Security and Lockdown ModeApple has responded by issuing an emergency update on March 11 for devices unable to run recent versions of iOS. The company emphasizes that keeping software up to date is the "single most important thing" for security and notes that devices with updated software are not at risk.Furthermore, Apple highlighted that Lockdown Mode would block these specific attacks. As the industry moves forward, the reliance on software updates and hardening features like Lockdown Mode will become increasingly critical in defending against the commoditization of exploit kits like DarkSword.