Leaked iPhone hacking tool exposes Apple’s zero-click blind spot

Security researchers have uncovered two advanced iPhone hacking tools—Coruna and DarkSword—with the latter now circulating online. Unlike garden-variety malware, these tools reportedly enable zero-click exploits, meaning users don’t even need to tap a link to get compromised. The leak suggests attackers may already be probing vulnerabilities in iOS versions that Apple hasn’t patched—or perhaps can’t patch without breaking core functionality.

Apple’s ecosystem has long traded on its reputation for security, but this leak underscores a growing tension: the company’s slow patch cycles clash with the speed at which exploits spread. While Coruna remains under wraps, DarkSword’s public availability means hackers now have a blueprint to reverse-engineer attacks. Early signals suggest these tools target high-value individuals—journalists, executives, activists—but the leak democratizes the risk.

The practical impact is immediate. Users with unpatched devices (and that’s most of them) face invisible threats. Unlike Android’s fragmented update system, Apple controls iOS updates centrally—yet even that hasn’t prevented this gap. The question isn’t whether your iPhone is vulnerable, but whether the exploit has already been weaponized against you.

For enterprises and governments, this leak is a five-alarm fire. Zero-click exploits undermine mobile device management (MDM) tools, which assume the OS itself is secure. If DarkSword’s capabilities include persistent access—say, via iMessage or iCloud sync—IT teams may need to rethink their entire security posture. The MITRE ATT&CK framework doesn’t even fully catalog these kinds of iOS-specific threats yet.

Apple’s response will be scrutinized. The company has historically downplayed similar vulnerabilities until forced into action by public pressure or lawsuits. This time, the leak’s visibility may accelerate a fix—but the damage is already spreading. Forum chatter among security researchers, per TechCrunch’s reporting, suggests Coruna could be even more sophisticated. If that tool leaks next, we’re looking at a cascade failure of iOS trust.

The real bottleneck isn’t the exploit itself, but Apple’s opacity. Without clear disclosure timelines or bug bounty transparency, users and admins are flying blind. The company’s walled garden only works if the walls hold.