Breaking AI & Tech News Analyzed

The Coruna and DarkSword Threat For years, the prevailing narrative among iPhone security experts was that breaking through Apple's defenses was a rare, high-barrier event requiring significant resources. However, recent investigations by Google, iVerify, and Lookout have shattered this assumption. Researchers have documented broad-scale hacking campaigns utilizing two specific tools, Coruna and DarkSword, which have been used to target victims globally who are not running the latest software updates. Attack Vectors: Hackers are compromising legitimate websites and creating fake pages to deliver spyware. Key Actors: Involvement of Russian spies and Chinese cybercriminals. Tool Availability: The source code for these tools has leaked online, allowing anyone to launch attacks against older iPhones. The Two-Tier iPhone Security Landscape The discovery of Coruna and DarkSword highlights a critical data point in the current security ecosystem: the existence of two distinct classes of iPhone users. This bifurcation is driven by the introduction of Memory Integrity Enforcement in iOS 26, a feature designed to prevent memory corruption bugs—the very vulnerabilities exploited by DarkSword. Class A (Secure): Users on the latest iPhone 17 models running iOS 26 are protected by memory-safe code and Lockdown Mode, making them resistant to these specific memory-based hacks. Class B (Vulnerable): Users running iOS 18 or older versions remain exposed to memory corruption attacks, as these older systems lack the new safety enforcement layers. Challenging the 'Rare Hack' Myth The widespread use of these leaked tools suggests that spyware attacks are becoming more common and less exclusive. This shift is fueled by a thriving "second-hand" market for exploits, where brokers resell vulnerabilities before they are patched. Experts argue that the rarity of iPhone hacks has been overstated simply because they are rarely documented. As noted by Patrick Wardle, the baseline capability for such attacks is now accessible to a wider range of actors, moving beyond state-sponsored actors to include cybercriminals. The End of the 'Rare Hack' Era The future of mobile security appears to be one of continuous escalation. With the code for Coruna and DarkSword now public, the barrier to entry for launching attacks against older devices has lowered significantly. This indicates that memory-based exploits will continue to plague lagging users, and the market for exploit development will likely expand as brokers seek to monetize vulnerabilities before updates are applied.

The Dual Threat: Coruna and DarkSwordSecurity researchers have identified two distinct but equally dangerous hacking toolkits, Coruna and DarkSword, that have leaked onto the open web. These advanced exploit kits, capable of breaking into iPhones and iPads, were originally developed for high-level government surveillance but are now available for anyone to download.Coruna: Targets iOS 13 through 17.2.1. Linked to Trenchant, a unit within U.S. defense contractor L3Harris, and previously used in Operation Triangulation against Russian targets.DarkSword: Targets iOS 18.4 and 18.7. Leaked on GitHub, making it "plug-and-play" for cybercriminals.The Scale of VulnerabilityThe scale of this exposure is staggering. According to Apple's statistics, nearly one-in-three iPhone and iPad users are still not running the latest software. With over 2.5 billion active devices globally, this implies hundreds of millions of users are susceptible to these attacks.DarkSword is particularly concerning because it targets newer devices running iOS 18.4 and 18.7. Researchers have already tested the leaked code, successfully hacking their own devices to demonstrate the ease of use.From State-Sponsored Espionage to Public ExploitationThis leak marks a dangerous shift in the cybersecurity landscape. Historically, sophisticated tools like Coruna were the domain of state-sponsored actors targeting specific regions, such as the Uyghurs in China or activists in Hong Kong.However, the release of DarkSword represents a move toward indiscriminate cybercrime. The tool is written in web languages like HTML and JavaScript, allowing attackers to launch attacks simply by hosting a malicious website. Victims in China, Malaysia, Turkey, Saudi Arabia, and Ukraine have already been targeted.The Future of Zero-Day WeaponizationThe leak of these tools mirrors the infamous 2017 WannaCry ransomware attack, which was fueled by leaked NSA exploits. Once powerful zero-day vulnerabilities are released into the wild, they are nearly impossible to fully contain.Experts recommend immediate action: users must update to iOS 18.7.6 or iOS 26.3.1. For high-risk individuals, enabling Lockdown Mode remains the most effective defense, as there is currently no public evidence of hackers bypassing its protections.

The App Store Connect Transformation Apple has announced a significant update to its App Store Connect service, introducing over 100 new metrics and tools designed to help developers better understand and optimize their apps' performance across Apple's platforms. This overhaul comes at a critical time as the tech industry debates the future of app stores in the age of artificial intelligence. Expanded Metrics and Data Insights The updated App Store Connect now provides developers with comprehensive metrics across key areas including monetization, subscription data, and in-app purchase performance. Unlike third-party services that offer estimated data, Apple's metrics are based directly on the company's own data, providing more accurate insights into app performance. Among the new features are subscription reports that can be exported via an API, enabling developers to analyze their apps' performance offline or integrate Apple's data into their own systems. Developers can now gain deeper understanding of their users by analyzing behavior around download dates, sources, offer start dates, and other key engagement metrics. Competitive Analysis and Benchmarking Apple has introduced peer group benchmarks that allow developers to compare their performance against competitors in critical areas like download-to-paid conversions and proceeds per download. This feature provides valuable context for developers to assess their market position and identify opportunities for improvement. Apple emphasizes that it uses aggregated cohort data and differential privacy techniques to protect both user privacy and individual developer performance data, ensuring that insights can be gained without compromising sensitive information. Enhanced Data Filtering and Analytics Guide Developers can now apply up to seven filters simultaneously when viewing metrics in App Store Connect, allowing for more granular analysis of their app data. This enhanced filtering capability enables deeper dives into specific aspects of app performance. To support developers in making data-driven decisions, Apple has published a new App Store Analytics Guide in the Help section of App Store Connect. This comprehensive resource aims to help developers better understand the App Store's tools and features and develop effective strategies for app success. Strategic Timing Amid AI Evolution The timing of this App Store Connect overhaul is particularly noteworthy, as the industry witnesses rapid advancements in AI capabilities. There's growing speculation that AI agents could eventually replace traditional app stores, with some industry leaders suggesting that smartphone apps may become obsolete as AI-powered web services become more prevalent. Apple appears to be strategically positioning itself to strengthen its lucrative App Store ecosystem rather than allowing it to be disrupted by emerging technologies. The company is reportedly planning to announce an AI-powered Siri at its upcoming developer conference in June, which will be capable of completing tasks within apps, potentially bridging the gap between traditional apps and AI-powered services.

The V&A; Museum's lavish spring show, Schiaparelli: Fashion Becomes Art, is a surrealist's dream come true. The exhibition takes visitors on a journey through the life and work of Elsa Schiaparelli, a fashion designer who defied conventions and pushed the boundaries of art and fashion.Schiaparelli's designs are a whimsical and witty blend of art, culture, and fashion. From a shoe that becomes a hat to a telephone dial that transforms into a compact mirror, each piece is a testament to her innovative spirit and creative genius.The exhibition features collaborations with famous artists like Salvador Dalí and Jean Cocteau, showcasing iconic pieces such as the lobster telephone and the skeleton dress. These works demonstrate Schiaparelli's ability to merge fashion and art, creating something truly unique and groundbreaking.Elsa Schiaparelli was a trailblazer in her own right, launching her fashion career in Paris in the 1930s and quickly gaining recognition for her trompe l'oeil sweaters and shocking pink designs. Her legacy continues to inspire designers today, including Daniel Roseberry, who has been spearheading the brand's revival since 2019.The exhibition also features modern pieces that showcase the brand's continued commitment to innovative design and artistic collaboration. From a golden breastplate worn by Bella Hadid at Cannes to a robot baby made from old flip phones and circuit board shards, these works demonstrate the brand's ongoing dialogue with art and culture.Schiaparelli: Fashion Becomes Art is a must-see exhibition for anyone interested in fashion, art, and culture. It challenges visitors to think differently about the relationship between fashion and art, and showcases the enduring legacy of Elsa Schiaparelli's surrealist designs.

Apple has introduced a new requirement for UK iPhone users, mandating them to confirm they are 18 or older to use certain services. This move, believed to be a first for a European market, comes as part of a broader effort to protect children online. The age verification process can be completed by uploading a credit card or scanning an ID, such as a driving license or national ID. Ofcom, the online regulator, has welcomed the change, calling it “a real win for children and families” and part of a wider drive to “keep young people away from harmful content”. The update is part of a software update and aims to restrict access to certain services and features for users under 18. However, some users have expressed concerns about the privacy implications of uploading personal information for age verification. Apple has assured users that if they already have an account, they can confirm their age with a payment method on file or other eligible methods. The company was unable to immediately specify which services, features, or actions would be inaccessible without age confirmation. This development follows the introduction of age verification gates on many web services, including pornography websites, to comply with the Online Safety Act. Ofcom noted that Apple’s decision makes the UK one of the first countries to receive new child safety protections on devices. The watchdog plans to report on the use of app stores by children and evaluate the effectiveness of age assurance by app store providers.

Classical music has long struggled to find relevance and impact in modern times, but a surprising solution may have been found in the form of a blue heeler puppy. Bluey, the Australian cartoon for children of all ages, has become a global phenomenon with over 45 billion minutes watched in the US alone and over 1 billion streams of its albums and soundtracks. The show's music, composed by Joff Bush, is a key factor in its success. Bush's soundtrack is remarkably diverse, incorporating a wide range of genres, including classical music. He seamlessly weaves in classical pieces from renowned composers like Bach, Beethoven, Mozart, and Holst, making them an integral part of the show's narrative. One notable example is the use of Mozart's Rondo alla Turca in the show's first episode, Magic Xylophone. This introduction to classical music is not done in a forced or condescending way; instead, Bush uses these pieces to enhance the emotional impact of each scene. For instance, Holst's Jupiter from The Planets is used in the Sleepytime episode to create a cosmic journey for Bingo. The new Bluey album, Up Here, continues this trend, featuring a three-and-a-half-minute orchestral tone-poem on the Bluey theme tune. This piece serves as a Young Person's Guide to the Orchestra for 2026, introducing listeners to various musical sections and instruments. The album also includes quotes and transformations of famous classical pieces, such as Mozart's Eine Kleine Nachtmusik and Vivaldi's Spring from The Four Seasons. Bush's approach to incorporating classical music into Bluey is refreshing and effective. Unlike previous cartoons that used classical music to parody or mock its elitist pretensions, Bluey presents these pieces in a joyful and organic way. This approach has the potential to introduce classical music to billions of listeners worldwide, making it a significant development in the classical music landscape.

Hong Kong police have been granted the authority to require individuals suspected of violating the city's national security law to provide passwords to their mobile phones or computers. This measure, which took effect on Monday, is part of the national security law imposed by Beijing in 2020. The new provisions empower police to require a person under investigation suspected of endangering national security to provide any password or decryption method for electronic devices and to provide the police “any reasonable and necessary information or assistance”. Refusing to comply could lead to up to one year’s imprisonment and a fine of up to 100,000 Hong Kong dollars ($12,768), while providing false or misleading information could bring up to three years’ imprisonment and a fine of up to 500,000 Hong Kong dollars ($63,840). The imposition of the 2020 national security law, supplemented by a second component in 2024, has led to a marked decline in civil liberties in the former British colony returned to China in 1997, according to human rights advocates. The new amendments have sparked concerns over the erosion of Hong Kong's autonomy and its status as an international financial and business centre. Urania Chiu, a law lecturer in the UK researching Hong Kong, said the new provisions interfered with fundamental liberties, including the privacy of communication and the right to a fair trial. “The sweeping powers given to law enforcement officers without any need for judicial authorisation are grossly disproportionate to any legitimate aim the bylaw purports to achieve,” Chiu told the Reuters news agency. A Hong Kong government spokesperson said the amended rules conform to the city’s mini-constitution, the Basic Law, and its human rights provisions, and “will not affect the lives of the general public or the normal operation of institutions and organisations”. According to the Security Bureau, a total of 386 people have been arrested for national security crimes so far, with 176 people and four companies convicted.

Pakistan's military leadership has been playing a crucial role in attempting to broker negotiations between the US and Iran. The country's army chief, Asim Munir, recently had a call with US President Donald Trump to discuss the conflict. Diplomatic sources indicate that the US and Iran could meet for negotiations in Islamabad as early as this week to discuss an end to the war, which began almost a month ago. While Islamabad has yet to be officially confirmed as the venue, sources suggest that Tehran prefers Islamabad. Pakistani sources mention that US Vice-President JD Vance is being considered as a probable chief negotiator from the US side, rather than Trump's Middle East envoy Witkoff or Trump's son-in-law, Jared Kushner. Vance is viewed as a sceptic of the US decision to bomb Iran and has largely kept quiet on the conflict. After the phone call between Trump and Munir, Pakistan's Prime Minister, Muhammad Shehbaz Sharif, spoke to Iranian President Masoud Pezeshkian on Monday. According to an official readout of the call, they agreed on the urgent need for de-escalation, dialogue, and diplomacy. Sources suggest that Iran's parliamentary speaker, Mohammad Bagher Ghalibaf, is likely to lead any talks from the Iranian side. However, Ghalibaf has dismissed reports of talks between the two sides as 'fake news'. An Iranian diplomatic source confirmed that talks are expected this week but expressed 'zero trust' in Washington. They stated that Iran would not accept Witkoff and Kushner as negotiators for any discussions. Negotiations between the US and Iran were ongoing when the US began its bombing campaign. The Iranian regime views these negotiations as an attempt by the Trump administration to deceive Iran into thinking it wanted a diplomatic solution while planning to attack. On Monday, Trump indicated that he would be willing to halt US strikes, claiming that 'strong talks' were being held between Iranian officials and Witkoff and Kushner. Trump told reporters that they had 'very, very strong talks' and that they had 'major points of agreement, I would say, almost all points of agreement'. The US president has given a five-day deadline to an ultimatum he gave over the weekend, threatening to 'obliterate' Iran's power plants and energy infrastructure if they did not reopen the Strait of Hormuz, a crucial shipping route currently being blockaded by Iran's military. Trump's announcement of talks helped boost markets, bringing oil prices sharply down to below $100 (£75) a barrel, the lowest in days.

Hong Kong police have been granted new powers to demand that individuals suspected of breaching the city's national security law provide mobile phone or computer passwords. This move is part of a further crackdown on dissent in the city.The amendments to the law, published by the city government, also empower customs officers to seize items deemed to have a 'seditious intention', regardless of whether any person has been arrested for an offence endangering national security.Refusing to comply with the demand for passwords could lead to up to one year's jail and a fine of up to HK$100,000 ($12,773), while providing false or misleading information could bring up to three years' imprisonment and a fine of up to HK$500,000.The sweeping national security law, imposed by Beijing in 2020, punishes acts including subversion and collusion with foreign forces with up to life imprisonment. The law has sparked criticism from western governments and rights groups, but Beijing and Hong Kong officials say it was needed to restore stability after months of pro-democracy protests in 2019.Urania Chiu, a law lecturer in the UK researching Hong Kong, said the new provisions interfere with fundamental liberties, including the privacy of communication and the right to a fair trial. Chiu stated that 'the sweeping powers given to law enforcement officers without any need for judicial authorisation are grossly disproportionate to any legitimate aim the bylaw purports to achieve.'A Hong Kong government spokesperson said the amended rules conform to the city's mini-constitution, the Basic Law, and its human rights provisions, and 'will not affect the lives of the general public or the normal operation of institutions and organisations'. According to the Security Bureau, a total of 386 people have been arrested for national security crimes so far, with 176 people and four companies convicted.