{"id":5056,"date":"2026-04-03T08:44:59","date_gmt":"2026-04-03T08:44:59","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2026\/04\/03\/apple-expands-ios-18-security-updates-amid-darksword-threat\/"},"modified":"2026-04-03T08:44:59","modified_gmt":"2026-04-03T08:44:59","slug":"apple-expands-ios-18-security-updates-amid-darksword-threat","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2026\/04\/03\/apple-expands-ios-18-security-updates-amid-darksword-threat\/","title":{"rendered":"Apple Expands iOS 18 Security Updates Amid DarkSword Threat"},"content":{"rendered":"<div id=\"cphContent_pnlArticleBody\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>Apple has expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to more devices to protect users from the DarkSword exploit kit, a hacking tool used in targeted cyber-attacks.<\/p>\n<p>The update allows devices still running iOS 18 to receive security patches without upgrading to the latest operating system.<\/p>\n<p>The security fixes included in the update were originally released in 2025, but Apple broadened access on April 1, so more users could automatically receive protections against web-based attacks linked to DarkSword.<\/p>\n<p>The exploit targets devices running iOS versions between 18.4 and 18.7 and can deploy malware when a user visits a compromised website in a watering hole attack.<\/p>\n<h3><strong>Devices Now Eligible For the Update<\/strong><\/h3>\n<p>The expanded update covers a wide range of iPhones and iPads that remain on iOS 18. Eligible devices include:<\/p>\n<ul>\n<li>\n<p>iPhone XR through iPhone 16 models<\/p>\n<\/li>\n<li>\n<p>iPhone SE (2nd and 3rd generation)<\/p>\n<\/li>\n<li>\n<p>Multiple iPad mini, iPad Air and iPad Pro models<\/p>\n<\/li>\n<li>\n<p>iPad (7th generation)<\/p>\n<\/li>\n<\/ul>\n<p>Users with automatic updates enabled will receive the patch automatically, while others can manually update to the patched iOS 18 version or upgrade to iOS 26.<\/p>\n<h3><strong>DarkSword Exploit and Ongoing Attacks<\/strong><\/h3>\n<p>Security researchers revealed that the DarkSword exploit kit has been used in cyber attacks since July 2025, which have\u00a0targeted\u00a0users in several countries.<\/p>\n<p>The exploit uses six vulnerabilities and has been linked to multiple threat actors, including surveillance vendors and suspected espionage groups. Attacks have deployed several data-stealing tools, including GhostBlade, GhostKnife and GhostSaber malware.<\/p>\n<p>&#8220;DarkSword silently steals vast amounts of user [data] purely because the user visited a real (but compromised) website,&#8221; Rocky Cole, co-founder and COO at iVerify, said.<\/p>\n<p>&#8220;Apple has at least agreed with the security community&#8217;s assessment that this presents a clear and present threat to devices that remain unpatched on earlier versions of iOS.&#8221;<\/p>\n<p><em>Read more on mobile security threats: Android OS-Level Attack Bypasses Mobile Payment Security<\/em><\/p>\n<p>Researchers also warned that the exploit kit was leaked on GitHub, raising concerns that more attackers could begin using it. The attacks can install backdoors and steal sensitive information once a device is compromised.<\/p>\n<h3><strong>Apple Takes Unusual Step With Older OS Updates<\/strong><\/h3>\n<p>Apple typically stops delivering updates to older operating systems once new versions are released.<\/p>\n<p>However, this update allows users who remain on iOS 18 to continue receiving critical security patches, rather than forcing a full operating system upgrade.<\/p>\n<p>&#8220;The combination of its reliability and accessibility is likely why Apple decided to backport the patch,&#8221; Vincenzo Iozzo, CEO and co-founder at SlashID, said. &#8220;[Still], this leaves a significant portion of the customer base vulnerable.&#8221;<\/p>\n<p>Apple has also begun sending lock screen notifications to users running older software, urging them to install the latest security updates to protect their devices from active threats.<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Apple has expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to more devices to protect users from the DarkSword exploit kit, a hacking tool used in targeted cyber-attacks. The update allows devices still running iOS 18 to receive security patches without upgrading to the latest operating system. The security fixes included in the update<\/p>\n","protected":false},"author":2,"featured_media":5057,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5056","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/04\/5056-1a85427c-8741-45d0-8b2c-287b6fdb716c-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"http:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/5056","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=5056"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/5056\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/5057"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=5056"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=5056"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=5056"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}