Apple has issued an urgent security update for users still running older versions of its mobile operating system. The releases—iOS 18.7.7 and iPadOS 18.7.7—are designed to neutralize a potent hacking toolkit known as DarkSword that has been circulating among cybercriminals.
Understanding the DarkSword Threat
DarkSword is a sophisticated suite of exploits targeting vulnerabilities in iOS 18.4 through 18.7. Unlike many attacks that require a user to download a suspicious file, DarkSword is a “web-based” threat. A device can be compromised simply by visiting a malicious website or a legitimate site that has been breached by hackers.
Once the malicious code executes, it can exfiltrate a staggering amount of personal information, including:
- Private text messages and browser histories
- Real-time location data
- Cryptocurrency wallet credentials
While initial attacks were localized to specific regions—including China, Malaysia, Turkey, Saudi Arabia, and Ukraine—the risk has escalated. Because the toolkit has been leaked online, security researchers warn that the barrier to entry for hackers has dropped, potentially exposing any unpatched device to data theft.
Why This Update is Critical
While the latest iOS 26 software already includes protections against these exploits, millions of users remain on older versions. This group includes people using hardware that cannot support the newest OS, as well as those who have intentionally avoided iOS 26 to bypass the controversial “liquid glass” interface redesign.
Wired previously reported that Apple was fast-tracking this patch to ensure these holdouts and legacy users remain protected.
How to Stay Protected
Apple recommends that all eligible users enable automatic updates immediately to receive iOS 18.7.7. For those in high-risk professions who require the highest level of security, the company’s Lockdown Mode remains an effective shield against DarkSword. Apple recently stated it is unaware of any successful government-level spyware attacks against devices where Lockdown Mode was active.
