**Apple Expands DarkSword Exploit Protection to More iPhones and iPads with Latest iOS Update**

In a move aimed at bolstering the security of its devices, Apple has released an updated version of iOS 18.7.7, which extends critical patching for the actively exploited DarkSword exploit kit to a wider range of iPhones and iPads. As part of this update, more users can now receive essential security protections against web attacks known as DarkSword.

DarkSword is a malicious exploit kit that targets iPhones running iOS versions 18.4 through 18.7, taking advantage of six vulnerabilities: CVE-2025-31277, CVE-2025-43529, CVE-2026-20700, CVE-2025-14174, CVE-2025-43510, and CVE-2025-43520. Since its disclosure in March 2026 by researchers from Lookout, iVerify, and Google Threat Intelligence, the kit has seen broader deployment, with confirmed users including Turkish commercial surveillance company PARS Defense, threat actor UNC6748, and suspected Russian espionage group UNC6353.

The DarkSword exploit kit is associated with three malware families: GhostBlade, an aggressive JavaScript-based infostealer; GhostKnife, a backdoor; and GhostSaber, a JavaScript malware capable of executing code and stealing data. With the recent publication of the DarkSword exploit kit on GitHub by a researcher last month, the threat landscape has expanded further, making it accessible to additional threat actors targeting devices that have not been patched.

**What is DarkSword?**

DarkSword is an exploit kit designed to target vulnerabilities in iOS versions 18.4 through 18.7. This malicious software uses six identified vulnerabilities (CVE-2025-31277, CVE-2025-43529, CVE-2026-20700, CVE-2025-14174, CVE-2025-43510, and CVE-2025-43520) to gain unauthorized access to iPhones and iPads. Unlike other exploit kits, DarkSword has seen broader deployment in various attacks.

**How is Apple Protecting Against DarkSword?**

Apple started patching the vulnerabilities associated with DarkSword from iOS 18.6 onward. However, by late 2025, Apple had stopped providing iOS 18 updates to devices capable of running iOS 26. This meant that newer hardware still operating on iOS 18 no longer received DarkSword patches released in 2026.

Before the latest update, iOS 18.7.6 was only available for iPhone XS, iPhone XS Max, and iPhone XR. However, with the release of iOS 18.7.7, support has been expanded to a much larger range of devices, including:

* iPhone 11 models * Second-generation iPhone SE * All models of the iPhone 12, 13, 14, 15, and 16 series * iPad mini fifth generation * iPad seventh generation * iPad Air third through fifth generations * iPad Pro 11-inch versions from the first generation to M4

**How to Update Your Device for DarkSword Protection**

For users with Automatic Updates enabled, iOS 18.7.7 will be installed automatically without any manual steps required. Those who have automatic updates turned off can manually install the update by opening Settings > General > Software Update.

It's worth noting that the fixes related to DarkSword were first released in 2025. As a result, users on iOS 18 who haven't installed incremental updates may receive multiple vulnerability patches with this one update.

By expanding support for the latest security patch, Apple is ensuring that more iPhone and iPad users can protect themselves against web attacks known as DarkSword.