If you are reading this on an iPhone, you need to be cautious. A powerful new version of the DarkSword exploit kit has been publicly posted on GitHub, with serious consequences for many iPhone users. Its public availability gives even amateur hackers the ability to compromise hundreds of millions of iPhones and iPads around the world.

The leak on GitHub, which was discovered this week, makes the sophisticated spyware tool freely available online. DarkSword can silently steal contacts, messages, call history, Wi-Fi passwords, keychain credentials, location data, health information, and other sensitive files from vulnerable devices without any user interaction.

DarkSword public release raises alarm

The kit consists of simple HTML and JavaScript files that can be hosted on a basic web server in minutes – no advanced technical skills are required. Once a victim is exposed to a malicious link, the exploit gains filesystem access and exfiltrates data to an attacker-controlled server.

Security researcher Matthias Frielingsdorf from iVerify said that the leak was “bad,” warning that the tools are “way too easy to repurpose.” He also said that containment of the tool is now nearly impossible, and criminals are expected to start deploying the kit rapidly.

A hobbyist researcher on X (formerly Twitter) demonstrated how easy it is to hack an iPad mini running iOS 18 using the leaked code. He called the process “trivial.”

Data from Apple shows that approximately 25% of the more than 2.5 billion active iOS devices worldwide are still running iOS 18 or older versions. The leak therefore puts hundreds of millions of phones and tablets at risk. The exploits specifically target older iOS versions, and devices updated to the latest iOS 26 release are not affected.

What should older Apple users do?

Apple has confirmed that it is aware of the threat and released emergency security patches on March 11 for older devices that cannot run newer software. The company strongly recommends keeping software up to date and enabling Lockdown Mode for additional protection.

Experts are urging all iPhone and iPad users to update immediately to the latest available iOS version, including those whose devices are no longer on the iOS 26 update cycle. Those on iPhone XR and older models should install Apple’s March emergency security updates without delay.