The Cybersecurity and Infrastructure Security Agency (CISA) has added 23 iOS vulnerabilities to its Known Exploited Vulnerabilities (KEV) list, which are being exploited by the Coruna nation-state-grade exploit kit. These flaws affect iOS versions 13 to 17.2.1, making them a significant concern for users who have not updated their devices. The Coruna exploit kit is notable for its sophistication and ability to target a wide range of iOS versions. The addition of these vulnerabilities to the KEV list indicates that they are being actively exploited by threat actors, likely with nation-state backing1. This shift in threat model from criminal to geopolitical activity requires a different approach to mitigation and response. The fact that these vulnerabilities are being exploited by a nation-state-grade exploit kit means that practitioners must be prepared to defend against more sophisticated and targeted attacks, so what matters most is that security teams prioritize patching and mitigation to protect against these highly capable threats.