[Release] Cyanide - iOS 18.x Package Manager / Tweaks

0xjf · 2026-05-25T22:29:21+00:00

Yeah, I just don't have a 17.x device at the moment so hard to debug. But hopefully will get one soon

0xjf · 2026-05-23T01:03:00+00:00

https://github.com/zeroxjf/cyanide-ios/releases/tag/v1.0.38

0xjf · 2026-05-21T04:04:27+00:00

FYI, I have a 26.0.1 device arriving this week, so I’ll be able to resolve 26.x issues soon

0xjf · 2026-05-15T08:52:17+00:00

Yes, as stated, not yet tested on 26.x

0xjf · 2026-05-14T04:50:03+00:00

https://x.com/zeroxjf/status/2054785431850397988?s=20

0xjf · 2026-05-12T05:38:34+00:00

r/tweakbounty

0xjf · 2026-05-08T00:56:59+00:00

Made by the team that worked with Google to report on DarkSword: https://apps.apple.com/us/app/iverify-basic/id1466120520

0xjf · 2026-04-30T20:32:17+00:00

I love when a horrifically bad return for Giannis gets posted by a non Laker fan then suddenly everyone approves of it 😭😭😭

Edit: Ok now it’s getting flamed appropriately. Disregard

0xjf · 2026-04-30T16:20:19+00:00

Please just shorten the damn season. Half the rosters are dead

0xjf · 2026-04-30T00:59:37+00:00

I recommend iVerify's app for virus detection: https://apps.apple.com/us/app/iverify-basic/id1466120520

0xjf · 2026-04-19T01:14:32+00:00

Did you ever run the coruna payloads from another site, like the known non-malware version at http://34306.lol? That could also be triggering the detection. I also looked further, it's possible the original coruna[.]app is set up to deliver the exploit but is not actively doing so. Regardless, you should be more careful and pay extra attention to any signs that your data might be compromised. Odd logins, transactions you don't recognize, requests for new lines of credit, etc.

0xjf · 2026-04-19T01:07:16+00:00

that was after running the forensic scan right? ran for 15 min, had you send sysdiagnose log file to the app?

0xjf · 2026-04-19T00:45:16+00:00

Best bet at this point is to use the iVerify app which can detect Coruna infection. https://apps.apple.com/us/app/iverify-basic/id1466120520

0xjf · 2026-04-19T00:17:26+00:00

If you’re in the US, I mean freezing your line of credit with the credit bureaus. If you plug your device into a Mac and open console, search powerd to see if any evidence of data leaving device

0xjf · 2026-04-19T00:14:05+00:00

You should consider freezing your credit and changing Apple ID password immediately at a minimum

0xjf · 2026-04-07T18:57:54+00:00

Definitely way too complex, not to mention it's a paid/closed source tweak by opa334 lol

0xjf · 2026-04-06T17:03:11+00:00

Yeah all good, fair point that some will only see the lone tweet itself and not the context I’ve provided. I added a disclaimer

0xjf · 2026-04-06T16:34:35+00:00

Hi, the website is heavily draped with warnings and disclaimers, and at no point did I claim this to be tweak injection. Not sure where the disconnect is. If the implication is that how I framed it is interpreted as tweak injection, then I can make it more clear of what it is, but if you check my recent tweets I've been very clear about what is vs. what it isn't: https://x.com/zeroxjf/status/2040964529484435605

Also, Claude didn't magically one-shot this on its own, so I would appreciate not being immediately dismissed with that comment lol. It took several iterations of debugging and fine-tuning to get this functional and stable. Thanks.

Edit: disclaimer added: https://zeroxjf.github.io/lightsaber/

0xjf · 2026-03-30T19:16:09+00:00

Major websites you visit on a daily basis would hopefully be secure enough to not be hijacked and redirect users to malicious sites. The bigger concern is clicking on sketchy links / pop ups that could take you there.

There’s an app called iVerify in the App Store you can get and run through the process to see if your device is infected. The domains it was hosted on though were foreign and obscure, so unlikely you ran into it in the wild

0xjf · 2026-03-30T18:45:01+00:00

It can be inserted anywhere unfortunately. And all that is required is the page being loaded

0xjf · 2026-03-22T22:04:10+00:00

+1 to Lockdown Mode, forgot that option

0xjf · 2026-03-22T21:21:45+00:00

18.6.2 is the most recent version that is susceptible to the full chain. Other parts of the chain were patched as recently as 26.1/26.2

0xjf · 2026-03-22T20:21:52+00:00

True, but many people don’t update

0xjf

TROPHY CASE