Key Highlights:

• Apple released iOS 18.7.7 and iPadOS 18.7.7 to block DarkSword web-based hacking attacks.
• DarkSword can steal messages, location data, browser history, and cryptocurrency.
• The exploit targets devices running iOS 18.4 through iOS 18.7.
• Users who cannot install iOS 26 now receive protection through this update.

Apple has released iOS 18.7.7 and iPadOS 18.7.7 to protect older iPhones and iPads from the DarkSword hacking toolkit. The update blocks web-based attacks that can steal personal data when users visit compromised websites. The security patch expands protection to devices that cannot run the latest iOS 26 software.

The move comes after security researchers warned that DarkSword tools are now publicly available online. That means attackers no longer need advanced resources to exploit affected devices.

What is the DarkSword attack and how does it work?

DarkSword is a web-based exploitation toolkit designed to target Apple devices running iOS 18.4 through 18.7. It works through malicious code embedded in websites. In some cases, attackers can compromise legitimate websites and silently deliver the exploit.

Once triggered, the toolkit can extract sensitive information from the device. That includes:

• Messages
• Browser history
• Location data
• Stored credentials
• Cryptocurrency wallet data

The stolen data is then transmitted to remote attacker-controlled servers.

Importantly, users do not need to download anything manually. Simply visiting a compromised webpage may be enough to activate the attack.

Why Apple released iOS 18.7.7 now

Apple pushed the update after reports confirmed that DarkSword tools had already been used in targeted attacks across several countries. These include China, Malaysia, Turkey, Saudi Arabia, and Ukraine.

Security researchers also warned that once exploit tools become public, they often spread quickly among threat actors. That increases the risk for ordinary users worldwide.

The new update ensures older devices still receive protection even if they cannot upgrade to iOS 26. It also protects users who delayed upgrading due to interface concerns linked to Apple’s newer software design changes.

Which devices are affected by the Apple security update?

The update applies to iPhones and iPads running iOS 18 versions between 18.4 and 18.7. These devices were previously exposed to DarkSword vulnerabilities.

Apple confirmed that devices already running iOS 26 received protection weeks earlier. However, millions of users remain on earlier software versions for compatibility or preference reasons.

With iOS 18.7.7 and iPadOS 18.7.7, those devices now receive the same critical protections.

Users who enabled automatic updates should already have the patch installed.

Can visiting a website really compromise your iPhone?

Yes. According to security researchers, DarkSword relies on web-based exploit delivery. That means attackers only need users to load a compromised webpage.

Unlike traditional malware attacks, no manual installation is required. The exploit runs silently in the background.

This makes web-triggered attacks especially dangerous because they reduce visible warning signs for users.

As a result, security updates like iOS 18.7.7 play a critical role in preventing data theft.

How Lockdown Mode adds another layer of protection

Apple also highlighted its optional Lockdown Mode security feature as an effective defense against DarkSword attacks.

Lockdown Mode reduces the attack surface of the device by limiting certain features. These include message attachments, web technologies, and connection requests from unknown sources.

According to Apple, it is not aware of any successful government spyware attacks against devices running Lockdown Mode.

That makes it particularly useful for journalists, activists, and high-risk users.

Why some users delayed updating to iOS 26

Interestingly, Apple noted that some users chose not to upgrade to iOS 26 because of interface changes, including the new “liquid glass” design language.

While interface updates often attract mixed reactions, delaying major OS upgrades can increase exposure to security risks if patches are not applied separately.

The release of iOS 18.7.7 helps address that gap by delivering protections without requiring a full system upgrade.

What users should do next after Apple’s DarkSword patch

Users running iOS 18 should install the latest update immediately. Security fixes are most effective when applied quickly.

To check for updates:

Go to Settings → General → Software Update

If automatic updates are enabled, the device may already be protected.

Keeping software current remains one of the simplest ways to reduce exposure to web-based attacks like DarkSword. With this rollout, Apple has extended protection to millions of older devices still in active use.