Apple has recently broadened the reach of its software updates, specifically iOS 18.7.7 and iPadOS 18.7.7, to a wider array of devices. This strategic move aims to enhance user security against the notorious DarkSword exploit kit, a sophisticated hacking tool that has been utilized in targeted cyber-attacks. The implications of these updates are significant, as they provide critical security patches to users of older operating systems without necessitating an upgrade to the latest version.
This timely update permits devices still operating on iOS 18 to receive essential security measures without the need for an immediate transition to the newest operating system. It’s worth noting that the security fixes embedded in this update were initially made available in 2025. However, Apple took the proactive step of expanding access on April 1, thereby enabling a larger user base to benefit from automatic protections against emerging web-based threats linked to the DarkSword toolkit.
The DarkSword exploit poses a serious threat to devices running iOS versions between 18.4 and 18.7. By employing a technique known as a “watering hole attack,” the exploit can inject malware into devices simply when users visit compromised websites. This form of cyber vulnerability is particularly alarming because it capitalizes on unsuspecting users, instigating malware deployment through seemingly innocuous online activity.
### Devices Now Eligible for the Update
The expanded availability of the update encompasses many iPhone and iPad models still using iOS 18. Notable devices set to benefit from these enhancements include:
– iPhone XR through iPhone 16 models
– iPhone SE (2nd and 3rd generation)
– Various iPad mini, iPad Air, and iPad Pro models
– iPad (7th generation)
For users who have enabled automatic updates, the installation of the patch will occur seamlessly without user intervention. Those who do not have this feature activated will have the option to manually update to the patched version of iOS 18 or choose to upgrade to the more recent iOS 26.
### DarkSword Exploit and Ongoing Attacks
Security researchers have been closely monitoring the activities associated with the DarkSword exploit kit, which has been wreaking havoc in the cyber landscape since July 2025. Numerous users across various countries have fallen victim to these insidious attacks. The exploit leverages six different vulnerabilities and has been linked to an array of threat actors, including surveillance organizations and groups suspected of espionage activities. The malware employed in these attacks, such as GhostBlade, GhostKnife, and GhostSaber, is designed to surreptitiously steal sensitive data from compromised devices.
Rocky Cole, co-founder and COO at iVerify, highlighted the severity of this threat by stating, “DarkSword silently steals vast amounts of user [data] purely because the user visited a real (but compromised) website.” His sentiments resonated with the broader security community’s acknowledgment that unpatched devices on older iOS versions could face significant risks.
In an alarming twist, researchers disclosed that the DarkSword exploit kit was leaked on GitHub, raising fresh concerns about the potential for additional attackers to exploit this vulnerability. The capability of the exploit to install backdoors further exacerbates the security risks, allowing for the theft of sensitive information once a device has been compromised.
### Apple Takes Unusual Step with Older OS Updates
In a departure from its usual practice, Apple has elected to extend support for older operating systems by delivering these important security updates. Typically, Apple ceases updates for older software once a new version is launched. However, this recent initiative allows users still operating on iOS 18 to continue receiving vital security patches, sidestepping the necessity for an immediate upgrade to a newer operating system.
Vincenzo Iozzo, CEO and co-founder at SlashID, remarked on the importance of this decision. He noted, “The combination of its reliability and accessibility is likely why Apple decided to backport the patch.” Nevertheless, he also underscored that this approach leaves a significant portion of the customer base exposed to security vulnerabilities.
Adding another layer of user awareness, Apple has begun sending lock screen notifications to users operating on older software versions, urging them to install the latest security updates to safeguard their devices against active threats. This step underlines Apple’s commitment to user security while striving to protect its extensive range of devices from the ever-evolving landscape of cyber threats.