THREATNOIR
Subscribe
Back to Feed
Zero-dayApr 12, 2026

‼️A full-chain one-click exploit for iOS 18 through 18.7, bundled with a bonus stealer called "GH...

Full-chain iOS 18–18.7 exploit "EL Muncho" with GHOSTBLADE stealer offered on cybercrime forum.

Read at source

Summary

A threat actor known as rosestealer is reportedly selling a full-chain one-click exploit targeting iOS 18 through 18.7 on a popular cybercrime forum. The exploit, dubbed "EL Muncho," is bundled with an information stealer malware called "GHOSTBLADE." This represents an active zero-day threat affecting a wide range of current iOS versions.

Indicators of Compromise

  • malware — GHOSTBLADE

Entities

iOS 18 (product)rosestealer (threat_actor)EL Muncho (campaign)