Kaspersky researchers have uncovered a significant connection between the Coruna iOS exploit kit and the 2023 Operation Triangulation attacks, with the former reusing updated code from the latter. The Coruna exploit kit utilizes an updated version of the same kernel exploit employed in Operation Triangulation, suggesting a possible link between the two. Although the shared vulnerabilities do not definitively prove that the same actors are behind both attacks, the code similarities are a strong indication of a connection. The discovery was made after Google's Threat Intelligence Group identified a related threat in early March. The reuse of exploit code highlights the evolving nature of iOS exploitation frameworks, with attackers continually updating and refining their techniques to bypass security measures. This development matters to security practitioners because it underscores the need for continuous monitoring and patching of iOS vulnerabilities to prevent exploitation by sophisticated threat actors1.