Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks

Apple has pushed a security update to older iPhones and iPads that protects against a leaked set of powerful hacking tools capable of stealing data from a person’s device.

The tech giant said on Wednesday that it released iOS 18.7.7 and iPadOS 18.7.7 to allow a broader range of devices to “receive important security protections from web attacks called DarkSword.”

DarkSword is a hacking toolkit that can be used to break into Apple devices running iOS 18.4 through 18.7 simply by a user visiting a website that hosts the malicious code, such as legitimate websites that have themselves been breached. The exploits steal a person’s device data, including their messages, browser histories, location data, and cryptocurrency, and upload the data to a server hosted by the hackers.

The tools have already been seen in certain attacks targeting users in China, Malaysia, Turkey, Saudi Arabia, and Ukraine. But now that the tools have been published online, security researchers warn that anyone can use these hacking tools to target people running older versions of Apple’s mobile software.

Apple says users running its latest software, iOS 26, were protected weeks ago. The company has also released a new update to iOS 18 users with iPhones and iPads that are unable to run iOS 26 software.

But with Wednesday’s update, Apple has now provided DarkSword fixes for the millions of users with unpatched devices that are capable of updating to iOS 26 but who have chosen not to update. Some users have opted not to update to avoid the software’s new “liquid glass” interface that has drawn user complaints.

Wired reported earlier on Wednesday that Apple was preparing to release the update.

Apple customers who have switched on automatic software updates should receive the new software. Apple said its optional security protections feature, Lockdown Mode, also defends against DarkSword attacks. The company told TechCrunch last week that it is unaware of any successful government spyware attack against an Apple device running Lockdown Mode.