Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
If you’ve been putting off updating iOS 26, now might be a good time to do so. Security researchers on Wednesday published findings about a new hacking tool targeting iPhones running iOS 18.4 to 18.6.2. As I mentioned earlier Wired. The “DarkSword” exploit allows bad actors to collect personal information on iPhones that visit malicious links, and has already been used by Russian hackers.
the Google Threat Intelligence Suite I worked with cybersecurity companies I notice and iVerify To analyze the attack, which could affect up to 270 million devices still running affected versions of iOS 18. When a user accesses a compromised website, Google says DarkSword uses “six different vulnerabilities” to execute an attack targeting Safari, giving bad actors the ability to collect text messages, contacts, saved credentials, iCloud files, photos, cryptocurrency wallets, call logs, location history, and more.
Google says it notified Apple of the vulnerability in late 2025. In a statement emailed to edge, Apple spokeswoman Sarah O’Rourke confirmed that Apple had patched all “core vulnerabilities” in iOS last year before issuing “an emergency software update last week for older devices that were unable to update to newer versions of iOS.”
DarkSword uses a “hit-and-run” design that allows attackers to “extract high-value data and disappear before traditional detection methods can respond,” according to Lookout. Google says suspected Russian state-sponsored hackers used DarkSword to target users in Ukraine, Saudi Arabia, Malaysia, and Turkey. These hackers were also discovered using an iOS exploit kit called Coruna, which Google highlighted in a report earlier this month. iVerify reports that Russia-linked hackers left DarkSword code “unobtrusive, unprotected and easily accessible,” making it easier for other bad actors to access and potentially re-publish it.
Google, Lookout, and iVerify found that the attack does not affect users in lockdown mode. An “extreme” security feature. For iPhone that protects journalists, activists and politicians from targeted attacks. Apple and Google have also blocked malicious links used in DarkSword attacks in Safari and Chrome.
“Software updates remain the most important thing users can do to keep their Apple devices highly secure, as these updates include the latest security fixes and protections,” O’Rourke says.