Apple has released emergency security updates for older iPhone and iPad models to neutralize “DarkSword,” a dangerous hacking toolkit capable of exfiltrating sensitive personal data. The patches, designated as iOS 18.7.7 and iPadOS 18.7.7, were rolled out this Wednesday to secure devices that remain vulnerable to sophisticated web-based exploits.
Understanding the DarkSword Threat
DarkSword functions by compromising devices running iOS versions 18.4 through 18.7. The attack is triggered simply by visiting a malicious website or a legitimate site that has been compromised to host the exploit code. Once executed, the toolkit harvests a user’s private data, including browser history, messages, precise location data, and cryptocurrency assets, before uploading them to attacker-controlled servers.
While initial activity was localized to targets in China, Malaysia, Turkey, Saudi Arabia, and Ukraine, the public availability of these tools has significantly increased the risk for global users who have not yet updated their software.
Why Older Devices Remained Vulnerable
Apple previously secured users running its latest operating system, iOS 26, weeks ago. However, a significant segment of the user base had refrained from upgrading to iOS 26, largely due to dissatisfaction with the new “liquid glass” user interface. Recognizing the risk, Apple has now backported the necessary security protections to ensure these users are no longer exposed to DarkSword.
How to Protect Your Device
For users who have enabled automatic updates, the security patch will be applied without manual intervention. For others, navigating to system settings to verify the installation of iOS 18.7.7 or iPadOS 18.7.7 is critical. As reported by Wired, this rare backporting effort highlights the severity of the threat.
Lockdown Mode as a Defense Layer
Beyond standard software patches, Apple emphasizes that its optional “Lockdown Mode” provides robust defense against such exploits. The company confirmed that it has no record of successful government-grade spyware attacks against devices operating with this feature enabled, offering a highly secure alternative for users at higher risk of targeted digital threats.
For further technical details regarding the specific vulnerabilities addressed, users can consult the official Apple security support documentation.