Apple has released an urgent security update for older iPhone and iPad models to protect them from a powerful, leaked hacking toolkit known as DarkSword. The update, iOS 18.7.7 and iPadOS 18.7.7, was pushed out on Wednesday to provide "important security protections" for devices that had remained vulnerable.

The DarkSword exploits allow attackers to remotely compromise a device simply by having a user visit a maliciously crafted website. Once infected, the tools can steal a wide range of sensitive data, including personal messages, browser history, location information, and cryptocurrency, uploading it to servers controlled by the hackers.

Active Attacks and Widespread Risk

Security researchers have already observed these tools being used in targeted attacks against users in several countries, including China, Malaysia, Turkey, Saudi Arabia, and Ukraine. The public leaking of the toolkit online has now significantly raised the threat level, as any malicious actor can potentially use it to target devices running unpatched software from iOS 18.4 through 18.7.

Apple confirmed that users running its latest operating system, iOS 26, were secured against this threat weeks ago. This new patch extends that critical protection to the millions of users with devices capable of updating to iOS 26 but who have, for various reasons, chosen not to do so.

Why Users Delay Updates

One significant reason for the delay in updating, according to reports, is user dissatisfaction with the new "liquid glass" interface introduced in iOS 26. This has led a portion of the user base to avoid the latest software, leaving their devices exposed to known security flaws like those exploited by DarkSword.

For devices too old to support iOS 26, Apple has released a separate update within the iOS 18 branch to close this vulnerability. The company advises all users to ensure their devices are updated immediately.

Protection and Recommendations

Users who have enabled automatic software updates should receive the patch without needing to take action. Apple also stated that its optional, extreme security feature, Lockdown Mode, provides a defence against DarkSword attacks.

The company told TechCrunch last week that it is "unaware of any successful government spyware attack against an Apple device running Lockdown Mode," highlighting its effectiveness against sophisticated threats.

The preparation for this widespread update was first reported by Wired earlier on Wednesday, ahead of Apple's official release. Security experts urge all affected users to install the update without delay to mitigate the risk of data theft.