Apple Issues Rare iOS 18 Security Update to Protect Against DarkSword Exploit

Apple today released a new build of iOS 18.7.7 and iPadOS 18.7.7, presumably with a fix for the DarkSword exploit. Apple told Wired that it would release an iOS 18 update for more devices, allowing users with auto-update turned on to receive the security update. iOS 18.7.7 was initially limited to the iPhone XS and XR models, but it is now available for other iPhones.

Apple is pushing the iOS 18 fix to customers who have decided not to upgrade to iOS 26, but the company encourages users with supported devices to update to ‌iOS 26‌ to get better protection.

Devices running ‌iOS 26‌ are already protected against DarkSword, which is a vulnerability that allows a malicious entity to take over an iPhone if the iPhone user visits a website with infected code.

It is highly unusual for Apple to provide a security update to iOS 18 users who simply don't want to upgrade to ‌iOS 26‌, as Apple uses security fixes as a way to push people to the latest version of iOS or iPadOS that their device supports. Apple says that the iOS 18.7.7 update is available for more devices, and devices with older versions of iOS 18 will receive an additional alert to install a Critical Security Update.

Note: We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security protections from web attacks called DarkSword. The fixes associated with the DarkSword exploit first shipped in 2025.

Devices with older versions of iOS 18 will receive an additional alert to install a Critical Security Update.

DarkSword has received quite a bit of attention, and it has been used by hacker groups to break into the iPhones of people in Malaysia, Saudi Arabia, Turkey, and Ukraine. The exploit kit has also been posted to open source code repository GitHub, which makes it more widely available to bad actors.