Apple issues warning to millions of iPhone users over sophisticated attack stealing data: Act NOW
Apple has released an urgent iOS update, urging millions of iPhone users to download it immediately.
The company has expanded the availability of the iOS 18.7.7 and iPadOS 18.7.7 updates to a much wider range of devices, warning that the software includes critical protections against a cyberattack method known as DarkSword.
Apple said this allows more users with automatic updates enabled to receive protection against what it describes as web-based attacks.
First identified in 2025, the DarkSword exploit kit was designed to target vulnerable Apple devices and secretly install malware.
Security researchers said the attack was triggered when a user visited a legitimate website that was surreptitiously infected with malicious code; This tactic is known as the ‘watering hole attack’.
Once activated, the malware can install hidden backdoors that allow hackers to gain prolonged access to a device and steal sensitive information.
A newer version of the hacking tool has now leaked online, raising fears that other cybercriminal groups could start using it in wider attacks, experts have warned.
Users who believe they may be the target of such attacks, especially journalists, activists, or those dealing with sensitive information, are encouraged to enable Apple’s Lockdown Mode by going to Settings, selecting Privacy & Security, tapping on Lockdown Mode, and following the instructions to turn it on and restart their device.
Apple has expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 updates to a much wider range of devices, warning that the software includes critical protections against a cyberattack method known as DarkSword
Cybersecurity firms, including Google’s Threat Intelligence Group and Lookout, had previously revealed that the DarkSword toolkit had been used in attacks targeting users in Saudi Arabia, Turkey, Malaysia and Ukraine since July 2025.
The team found that it exploited some hidden vulnerabilities in iPhones and the Safari browser.
This allows attackers to surreptitiously install malware on a device; This reminds you why keeping your phone up to date is so important.
In some cases, attackers created fake websites or apps, such as a similar version of Snapchat, to trick people, while in others they hacked legitimate websites, including a government site.
Once a phone is infected, hackers can install different types of spyware depending on their purpose.
A version called ‘Ghostblade’ was designed to steal large amounts of personal information.
This includes text messages, call history, contacts, photos, emails, passwords, location data, browsing history, and even files stored in iCloud.
It can also access messages from applications such as WhatsApp and Telegram.
DarkSword combines six separate flaws in iOS and Safari that allow attackers to silently install malware on targeted devices and underscores the critical importance of keeping software updated
The malware searches for cryptocurrency apps and wallets; This means it could potentially steal digital assets or sensitive financial data.
Apple first released the iOS 18.7.7 update on March 24, 2026, but it was limited to a small number of older devices at the time.
The tech giant has now expanded the update to a much wider range of iPhones and iPads, including devices that can upgrade to newer operating systems but are still running older versions.
In a statement shared with WIRED, an Apple spokesperson said the company made the unusual move to expand the update in order to protect users who have not yet upgraded to the latest software.
Users who do not have automatic updates enabled can manually install the patch by updating their device to the latest secure version of iOS 18 or upgrading to iOS 26.
Cybersecurity researchers say the threat highlights growing concerns that sophisticated spyware targeting iPhones is becoming more common.
“DarkSword silently steals large amounts of user data because the user visits a real but compromised website,” said Rocky Cole, co-founder of cybersecurity firm iVerify.
Apple has also begun sending lock screen alerts to some users running outdated software, asking them to install updates immediately.
Experts warned that failure to install the patch could leave devices vulnerable to data theft and long-term surveillance.
