Ethical Hacking News
A global cybersecurity alert has been issued by Apple as it expands its iOS 18.7.7 update to more devices, aiming to block the recently disclosed DarkSword exploit kit. This move comes in light of the growing concern surrounding the DarkSword exploit kit, which has been used in cyber attacks targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine since July 2025.
Apple has expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 updates to more devices to block the DarkSword exploit kit.The DarkSword exploit kit targets iOS and iPadOS devices running versions between iOS 18.4 and 18.7, using watering hole attacks to deploy backdoors and data miners.The exploit kit has been linked to Russia-linked threat actors and reused by Coruna iOS Kit for mass attacks.Apple is also issuing Lock Screen notifications to alert users of web-based attacks and urge them to install the latest updates.The move highlights the need for a more comprehensive security framework that addresses supply chain risks and cybersecurity threats in the mobile ecosystem.
Apple, a leading tech giant, has taken proactive steps to safeguard its users by expanding the availability of iOS 18.7.7 and iPadOS 18.7.7 updates to more devices, aiming to block the recently disclosed DarkSword exploit kit. This move comes in light of the growing concern surrounding the DarkSword exploit kit, which has been used in cyber attacks targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine since July 2025.
The DarkSword exploit kit is a sophisticated tool that targets iOS and iPadOS devices running versions between iOS 18.4 and 18.7. The attack gets triggered when a user visits a legitimate-but-compromised website that hosts the malicious code as part of what's called a watering hole attack. Once launched, the attacks deploy backdoors and a dataminer for persistent access and information theft.
The DarkSword exploit kit has been linked to Russia-linked threat actors known as COLDRIVER (aka TA446) and TeamPCP, who have used it to deliver the GHOSTBLADE data stealer malware in attacks targeting government, think tank, higher education, financial, and legal entities. The kit is also being reused by Coruna iOS Kit, which has been linked to mass attacks.
To address this growing concern, Apple has taken a proactive approach by expanding the availability of its iOS 18.7.7 update to more devices. This move aims to protect users who are still running older versions of iOS and iPadOS from the risk posed by the DarkSword exploit kit.
The latest update is available for a range of devices, including iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all models), iPhone SE (2nd generation), iPhone 12 (all models), iPhone 13 (all models), iPhone SE (3rd generation), iPhone 14 (all models), iPhone 15 (all models), iPhone 16 (all models), and iPhone 16e, as well as iPad mini (5th generation - A17 Pro), iPad (7th generation - A16), iPad Air (3rd - 5th generation), iPad Air 11-inch (M2 - M3), iPad Air 13-inch (M2 - M3), iPad Pro 11-inch (1st generation - M4), iPad Pro 12.9-inch (3rd - 6th generation), and iPad Pro 13-inch (M4).
This move is seen as a significant step by Apple to address the growing concern surrounding the DarkSword exploit kit. By expanding the availability of its iOS 18.7.7 update, Apple aims to provide its users with an additional layer of protection against cyber threats.
However, this move also highlights the ongoing issue of supply chain and cybersecurity risks associated with third-party apps and services. The fact that powerful spyware for iPhones may not be as rare as previously thought, and that they could become attractive tools for mass exploitation, is a concern that needs to be addressed by the tech industry and regulatory bodies.
In response to this growing concern, Apple has also begun issuing Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS, alerting users of web-based attacks and urging them to install the latest updates. This move aims to educate users about the risks posed by the DarkSword exploit kit and provide them with an additional layer of protection.
The discovery also highlights the need for a more comprehensive security framework that addresses the growing threat landscape in the mobile ecosystem. While Apple's proactive response is a significant step, it is essential that the tech industry and regulatory bodies work together to develop a more robust security framework that addresses the ongoing issue of supply chain risks and cybersecurity threats.
In conclusion, Apple's expansion of its iOS 18.7.7 update to more devices is a proactive move aimed at protecting users from the risk posed by the DarkSword exploit kit. However, this move also highlights the ongoing issue of supply chain and cybersecurity risks associated with third-party apps and services. It is essential that the tech industry and regulatory bodies work together to develop a more robust security framework that addresses these growing concerns.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Global-Cybersecurity-Alert-Apples-Proactive-Response-to-the-DarkSword-Exploit-Kit-ehn.shtml
https://thehackernews.com/2026/04/apple-expands-ios-1877-update-to-more.html
https://www.tomsguide.com/phones/iphones/more-than-220-million-iphones-under-attack-from-new-darksword-exploit-how-to-stay-safe
Published: Thu Apr 2 03:00:13 2026 by llama3.2 3B Q4_K_M
