**DarkSword Exploit Kit: Apple's Latest iOS Update Brings Crucial Security Patches to More Devices**
In a move aimed at fortifying the security of its users, Apple has expanded the availability of iOS 18.7.7 to a broader range of devices, providing critical patches for the DarkSword exploit kit. This update was rolled out on April 1, 2026, and is particularly relevant for those still running iOS 18 on their iPhones and iPads.
The DarkSword exploit kit has been actively exploited since its discovery in March 2026 by researchers from Lookout, iVerify, and Google Threat Intelligence. The toolkit leverages six vulnerabilities, including CVE-2025-31277, CVE-2025-43529, and CVE-2026-20700, among others. Unlike most iOS exploit kits, DarkSword has seen widespread deployment, with confirmed users including PARS Defense, a Turkish commercial surveillance company, as well as threat actors UNC6748 and UNC6353.
These attacks have been associated with three malware families: GhostBlade, an aggressive JavaScript-based infostealer; GhostKnife, a backdoor; and GhostSaber, a JavaScript malware capable of executing code and stealing data. The publication of the DarkSword exploit kit on GitHub by a researcher has further expanded the threat landscape, making it accessible to additional threat actors targeting unpatched devices.
**What is DarkSword?**
DarkSword is an exploit kit that targets iPhones running iOS versions 18.4 through 18.7. It was designed to take advantage of vulnerabilities in these operating systems and install malware on affected devices. The toolkit's capabilities have been observed in various attacks, including those by PARS Defense and UNC6748.
**Apple's Response**
In response to the DarkSword exploit kit, Apple has gradually patched the associated vulnerabilities from iOS 18.6 onward. However, with the discontinuation of iOS 18 updates for devices capable of running iOS 26, newer hardware still operating on iOS 18 was no longer receiving these critical patches.
**Devices Now Eligible for the iOS 18.7.7 Update**
The latest update extends support to a wider range of devices, including:
* iPhone XR * iPhone XS * iPhone XS Max * All models of the iPhone 11 * Second-generation iPhone SE * All models of the iPhone 12, 13, 14, 15, and 16 series * The iPad mini fifth generation * iPad seventh generation * iPad Air third through fifth generations * iPad Air 11-inch models with M2 and M3 chips * 13-inch iPad Air with M2 and M3 * iPad Pro 11-inch versions from the first generation through M4
**How to Update to iOS 18.7.7**
Devices with Automatic Updates enabled will receive the iOS 18.7.7 update automatically. Users who have automatic updates turned off can manually install the update by opening Settings, then tapping General, and finally selecting Software Update.
The release of iOS 18.7.7 is a crucial step in protecting users from the DarkSword exploit kit. With this update, Apple has extended security patches to a broader range of devices, ensuring that those still running iOS 18 on their iPhones and iPads have access to critical protection against web attacks.
**Conclusion**
The expansion of iOS 18.7.7 support is a significant development in the ongoing battle against cyber threats. By providing crucial security patches for the DarkSword exploit kit, Apple has demonstrated its commitment to safeguarding users from emerging threats. As always, we urge our readers to stay informed and up-to-date on the latest developments in cybersecurity.
**Recommendations:**
* Enable Automatic Updates to ensure timely receipt of security patches * Regularly check for software updates manually if Automatic Updates is turned off * Be cautious when interacting with unknown links or files, as they may contain malware * Consider using reputable antivirus software and a VPN to enhance online protection
By taking these precautions and staying informed about the latest threats, you can better protect yourself from cyber threats like DarkSword. Stay secure!