US Gov iPhone Hack Tool Leaked, Charging Stations Vulnerable

AI Summary

A leaked US government iPhone hacking toolkit, Coruna, poses significant threats to national security and individual privacy by allowing malicious actors to hack into iPhones and extract sensitive information. Additionally, vulnerabilities in charging station systems could enable attackers to gain unauthorized control or disrupt services, affecting critical infrastructure sectors such as energy and transportation. To mitigate these risks, implement the latest patches, use secure communication protocols, and conduct regular security audits and risk assessments.

A leaked US government iPhone hacking toolkit, known as Coruna, has put millions of users at risk, posing significant threats to national security and individual privacy. The toolkit can be used to hack into iPhones and extract sensitive information, including contacts, messages, and location data. Meanwhile, vulnerabilities in charging station systems could enable attackers to gain unauthorized control or disrupt services, affecting critical infrastructure sectors such as energy and transportation. Furthermore, hackers are abusing OAuth error flows to spread malware, bypassing phishing protections in email and browsers.

Introduction

The recent leak of a US government iPhone hacking toolkit has raised concerns about the security of Apple devices and the potential risks to national security and individual privacy. According to Wired, the leak may allow malicious actors to exploit previously unknown vulnerabilities in Apple devices, putting millions of users at risk. Additionally, vulnerabilities in charging station systems have been discovered, which could enable attackers to gain unauthorized administrative control or disrupt charging services through denial-of-service attacks. Hackers are also exploiting OAuth error flows to spread malware, highlighting the need for increased vigilance and proactive defense measures.

US Government iPhone-Hacking Toolkit Leaked

The Coruna toolkit can be used to hack into iPhones and extract sensitive information, including contacts, messages, and location data. As Wired reports, the leak may allow malicious actors to exploit previously unknown vulnerabilities in Apple devices, putting millions of users at risk. The toolkit is believed to have been used by US government agencies for law enforcement and intelligence gathering purposes. However, its leak has raised concerns about the potential misuse of such powerful tools by malicious actors.

The Coruna toolkit is a sophisticated piece of software that can be used to bypass the security features of Apple devices. It can exploit vulnerabilities in the iPhone's operating system, allowing attackers to gain unauthorized access to sensitive information. The toolkit can also be used to install malware on the device, which can be used to steal sensitive information or disrupt the normal functioning of the device.

Technical Details

The Coruna toolkit is a complex piece of software that uses a variety of techniques to exploit vulnerabilities in Apple devices. It includes a range of tools and exploits that can be used to bypass security features and gain unauthorized access to sensitive information. The toolkit is highly customizable, allowing attackers to tailor their attacks to specific targets and objectives.

The Coruna toolkit has been designed to work on a range of Apple devices, including iPhones and iPads. It can exploit vulnerabilities in the operating system, as well as in third-party apps and software. The toolkit is highly effective at bypassing security features, making it a powerful tool for malicious actors.

Vulnerabilities in Charging Station Systems

Multiple vulnerabilities have been discovered in charging station systems from various vendors, including Hitachi Energy, Mobiliti, ePower, and Everon. These vulnerabilities could enable attackers to gain unauthorized administrative control or disrupt charging services through denial-of-service attacks. As CISA reports, the affected systems are used in critical infrastructure sectors such as energy and transportation, making them a high-priority target for attackers.

  • The vulnerabilities include:
    • Missing authentication for critical functions (CVE-2026-26051)
    • Improper restriction of excessive authentication attempts (CVE-2026-20882)
    • Insufficient session expiration (CVE-2026-27764)
    • Insufficiently protected credentials (CVE-2026-27777)
  • The affected products and versions include:
    • Hitachi Energy RTU500 series CMU firmware: versions 12.7.1 through 12.7.7
    • Mobiliti e-mobi.hu: all versions
    • ePower epower.ie: all versions
    • Everon OCPP Backends: all versions

The vulnerabilities in charging station systems can be exploited by attackers to gain unauthorized access to sensitive information or disrupt the normal functioning of the systems. This can have significant consequences, including the disruption of critical infrastructure services and the theft of sensitive information.

Affected Systems

The affected charging station systems are used in a range of applications, including electric vehicle charging, industrial control systems, and smart grid management. The systems are designed to manage and control the flow of energy, ensuring that it is delivered safely and efficiently to where it is needed.

The Hitachi Energy RTU500 series CMU Firmware is a popular choice for industrial control systems, providing advanced features and functionality for managing and controlling complex systems. The Mobiliti e-mobi.hu and ePower epower.ie systems are used in electric vehicle charging applications, providing fast and convenient charging services to drivers. The Everon OCPP Backends system is used in smart grid management applications, providing advanced features and functionality for managing and controlling the flow of energy.

OAuth Error Flows Abused by Hackers

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers. According to BleepingComputer, this technique can be used to take users to malicious pages, potentially leading to malware infections or data breaches. Microsoft has warned users about this threat and provided guidance on how to protect themselves.

OAuth Error Flow Exploitation

The attack exploits a flaw in the OAuth error flow process, allowing hackers to redirect users to malicious websites. This can be done by manipulating the error parameter in the OAuth authorization request, which can lead to a malicious page being displayed to the user.

The OAuth error flow is designed to handle errors that occur during the authorization process, providing a secure and reliable way for users to authenticate with online services. However, the flaw in the error flow process allows hackers to exploit this mechanism, redirecting users to malicious websites and potentially leading to malware infections or data breaches.
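A defender-side way to triage links for the redirection abuse described above, given as an added example that is not code from the original article, Microsoft, or BleepingComputer. It assumes an organisation-maintained allowlist of legitimate redirect hosts (the `ALLOWED_REDIRECT_HOSTS` values, the function names and the sample links are constructed) and relies on the RFC 6749 behaviour that an authorization server reports errors by redirecting the browser to the request's `redirect_uri` with an `error` parameter.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: hosts this organisation accepts as OAuth redirect targets.
ALLOWED_REDIRECT_HOSTS = {"portal.example.com", "login.example.com"}


def _host(url):
    """Lower-cased hostname of url, or '' when it cannot be parsed."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:
        return ""


def triage_link(url):
    """Return findings for one URL taken from mail or web-proxy logs."""
    try:
        query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    except ValueError:
        return ["unparseable-url"]
    findings = []
    if "client_id" in query and "redirect_uri" in query:
        # Authorization request: every redirect_uri must stay on the allowlist.
        for target in query["redirect_uri"]:
            host = _host(target)
            if host not in ALLOWED_REDIRECT_HOSTS:
                findings.append("authz-request-redirects-to:" + (host or "invalid"))
    elif "error" in query and ("state" in query or "error_description" in query):
        # Error response (RFC 6749 section 4.1.2.1) delivered to an unknown host.
        host = _host(url)
        if host not in ALLOWED_REDIRECT_HOSTS:
            findings.append("error-redirect-landed-on:" + (host or "invalid"))
    return findings


def scan(links):
    """Map each suspicious link to its findings; clean links are omitted."""
    return {u: f for u in links if (f := triage_link(u))}


# Constructed sample links (not taken from any real campaign).
SAMPLE_LINKS = [
    "https://idp.example.net/oauth2/authorize?client_id=app1&response_type=code"
    "&redirect_uri=https%3A%2F%2Fportal.example.com%2Fcb&state=a1",
    "https://idp.example.net/oauth2/authorize?client_id=app2&response_type=code"
    "&redirect_uri=https%3A%2F%2Fdocs-share.example.org%2Fview&state=b2",
    "https://docs-share.example.org/view?error=invalid_scope&error_description=x&state=b2",
    "https://portal.example.com/cb?error=access_denied&state=c3",
]
```

A link that starts on a trusted identity provider can still be flagged here, which is the case reputation-based URL filters miss.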

Mitigation Guidance

To protect against these threats, security practitioners should take the following steps:

  • Implement recommended cybersecurity strategies for proactive defense of critical infrastructure assets.
  • Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the Internet.
  • Locate control system networks and remote devices behind firewalls and isolate them from business networks.
  • Use secure methods for remote access, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available.
  • Perform proper impact analysis and risk assessment prior to deploying defensive measures.
  • Stay informed about the latest threats and vulnerabilities, including those related to charging station systems and OAuth error flows.

Additionally, security practitioners should:

  • Implement multi-factor authentication for all users accessing critical infrastructure systems.
  • Use secure communication protocols, such as HTTPS and SFTP, to protect sensitive information in transit.
  • Regularly update and patch all software and systems, including operating systems, applications, and firmware.
  • Conduct regular security audits and risk assessments to identify vulnerabilities and weaknesses in critical infrastructure systems.

By taking these steps, security practitioners can help protect against the threats posed by the leaked iPhone hacking toolkit, vulnerabilities in charging station systems, and OAuth error flow exploitation. It is essential to remain vigilant and proactive in defending against these threats, as they have the potential to cause significant harm to national security and individual privacy.

Recommendations for Charging Station System Operators

Charging station system operators should take immediate action to protect their systems from exploitation. This includes:

  • Updating and patching all software and firmware to the latest versions.
  • Implementing multi-factor authentication for all users accessing critical infrastructure systems.
  • Using secure communication protocols, such as HTTPS and SFTP, to protect sensitive information in transit.
  • Conducting regular security audits and risk assessments to identify vulnerabilities and weaknesses in charging station systems.

Additionally, charging station system operators should:

  • Monitor system logs and network traffic for signs of suspicious activity.
  • Implement incident response plans to quickly respond to security incidents.
  • Provide training and awareness programs for employees and users on cybersecurity best practices.

By taking these steps, charging station system operators can help protect their systems from exploitation and reduce the risk of disruption to critical infrastructure services.

Conclusion

The leaked iPhone hacking toolkit, vulnerabilities in charging station systems, and OAuth error flow exploitation pose significant threats to national security and individual privacy. To mitigate these risks, security practitioners should:

  1. Apply the latest patches to all software and firmware.
  2. Implement multi-factor authentication for all users accessing critical infrastructure systems.
  3. Use secure communication protocols, such as HTTPS and SFTP, to protect sensitive information in transit.
  4. Conduct regular security audits and risk assessments to identify vulnerabilities and weaknesses in critical infrastructure systems.
  5. Stay informed about the latest threats and vulnerabilities, including those related to charging station systems and OAuth error flows.

By prioritizing these actions, security practitioners can help protect against the threats posed by the leaked iPhone hacking toolkit, vulnerabilities in charging station systems, and OAuth error flow exploitation, ultimately reducing the risk of disruption to critical infrastructure services and protecting national security and individual privacy.

AI-generated content. Verify critical information independently.

© 2026 ProjectZyper AI. All rights reserved.