Skip to content
Chimera readability score 0.5191 out of 100, reading level.

Apple has expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to more devices to protect users from the DarkSword exploit kit, a hacking tool used in targeted cyber-attacks.
The update allows devices still running iOS 18 to receive security patches without upgrading to the latest operating system.
The security fixes included in the update were originally released in 2025, but Apple broadened access on April 1, so more users could automatically receive protections against web-based attacks linked to DarkSword.
The exploit targets devices running iOS versions between 18.4 and 18.7 and can deploy malware when a user visits a compromised website in a watering hole attack.
Devices Now Eligible For the Update
The expanded update covers a wide range of iPhones and iPads that remain on iOS 18. Eligible devices include:
-
iPhone XR through iPhone 16 models
-
iPhone SE (2nd and 3rd generation)
-
Multiple iPad mini, iPad Air and iPad Pro models
-
iPad (7th generation)
Users with automatic updates enabled will receive the patch automatically, while others can manually update to the patched iOS 18 version or upgrade to iOS 26.
DarkSword Exploit and Ongoing Attacks
Security researchers revealed that the DarkSword exploit kit has been used in cyber attacks since July 2025, which have targeted users in several countries.
The exploit uses six vulnerabilities and has been linked to multiple threat actors, including surveillance vendors and suspected espionage groups. Attacks have deployed several data-stealing tools, including GhostBlade, GhostKnife and GhostSaber malware.
"DarkSword silently steals vast amounts of user [data] purely because the user visited a real (but compromised) website," Rocky Cole, co-founder and COO at iVerify, said.
"Apple has at least agreed with the security community's assessment that this presents a clear and present threat to devices that remain unpatched on earlier versions of iOS."
Read more on mobile security threats: Android OS-Level Attack Bypasses Mobile Payment Security
Researchers also warned that the exploit kit was leaked on GitHub, raising concerns that more attackers could begin using it. The attacks can install backdoors and steal sensitive information once a device is compromised.
Apple Takes Unusual Step With Older OS Updates
Apple typically stops delivering updates to older operating systems once new versions are released.
However, this update allows users who remain on iOS 18 to continue receiving critical security patches, rather than forcing a full operating system upgrade.
"The combination of its reliability and accessibility is likely why Apple decided to backport the patch," Vincenzo Iozzo, CEO and co-founder at SlashID, said. "[Still], this leaves a significant portion of the customer base vulnerable."
Apple has also begun sending lock screen notifications to users running older software, urging them to install the latest security updates to protect their devices from active threats.

Facts Only

Apple has expanded access to security patches for iOS 18 devices
The DarkSword exploit kit was used in cyberattacks since July 2025
Attacks targeted users in several countries and employed six vulnerabilities
Data-stealing tools such as GhostBlade, GhostKnife, and GhostSaber were deployed
Eligible devices for the expanded update include iPhone XR through iPhone 16 models, multiple iPad mini, iPad Air, and iPad Pro models, and the iPad (7th generation)

Executive Summary

In response to the DarkSword exploit kit, Apple has expanded access to security patches for iOS 18 devices. The update, originally released in 2025, aims to protect users from web-based attacks linked to DarkSword. This hacking tool has been used since July 2025 in cyberattacks that target users in various countries and employ six vulnerabilities. Attacks have deployed several data-stealing tools such as GhostBlade, GhostKnife, and GhostSaber malware. The expanded update covers a wide range of iPhones and iPads, including iPhone XR through iPhone 16 models, multiple iPad mini, iPad Air, and iPad Pro models, and the iPad (7th generation). Users can either automatically receive the patch or manually update to the patched iOS 18 version or upgrade to iOS 26.

Full Take

The expansion of the security patch indicates a proactive approach by Apple to protect users from cyber threats. However, it also raises questions about the potential vulnerabilities in older operating systems that may not receive similar updates in the future. The leak of DarkSword on GitHub suggests that more attackers could use this exploit kit, increasing the risk of data breaches and cyber espionage. This situation highlights the ongoing struggle between technology companies and cybercriminals to maintain security and privacy for users.
Patterns detected: ARC-0043 Motte-and-Bailey, ARC-0024 Ambiguity

Sentinel — Human

Confidence

This article appears to be written by a human journalist, with evidence against synthetic origin in the form of idiosyncratic emphasis, personal voice, and logical but not formulaic structure.

Signals Detected
low severity: Sentence length variance is not uniform, showing human-like rhythm
medium severity: The text displays a balanced but informative perspective with some idiosyncratic emphasis
low severity: While the structure follows a logical pattern, it does not closely match known template patterns
Human Indicators
The text presents personal voices and unique emphases, suggesting human authorship
Apple Expands iOS 18 Security Updates Amid DarkSword Threat — Arc Codex