Overview
- Apple, which expanded iOS 18.7.7 on Wednesday, said iPhones still on iOS 18 will now get the DarkSword fix automatically if Automatic Updates is on.
- DarkSword targets iOS 18.4 through 18.7 and uses a chain of web and system flaws to seize kernel control after a user visits a booby‑trapped website.
- A working build of the exploit was posted to GitHub, and researchers say it has been used by commercial surveillance vendors and suspected state‑linked groups in countries including Malaysia, Saudi Arabia, Turkey and Ukraine.
- Apple notes iOS 26 already includes these protections, users with auto‑update off can choose either the patched iOS 18.7.7 or iOS 26, and Lockdown Mode blocks these web attacks.
- The move breaks Apple’s usual policy of withholding old‑OS patches from devices that can upgrade, reflecting slow adoption of iOS 26 and ensuring holdouts receive build 22H340 without manual action.