Apple has released an emergency iOS 18.7.7 update for all iPhones still running iOS 18 — even if they support iOS 26. The reason is the DarkSword exploit, which allows attackers to gain full control over an iPhone. Recently, it was published in open access for anyone to use, making this iPhone virus even more dangerous. Simply visiting an infected website in Safari is enough.

Apple urgently released an iOS 18 security update against the DarkSword exploit

Apple urgently released an iOS 18 security update against the DarkSword exploit. Image: macrumors.com

What Is the DarkSword Exploit and Why Is It Dangerous

An exploit is a program that uses system vulnerabilities to hack a device. DarkSword is one of the most serious iPhone exploits in recent times. It works through Safari: a user only needs to open an infected web page for the attack to begin automatically — no taps, no downloads, no confirmations.

What is the DarkSword exploit and why is it dangerous. A virus capable of hacking an iPhone is now available to anyone. A very troubling precedent. Image: 9to5mac.com.

A virus capable of hacking an iPhone is now available to anyone. A very troubling precedent. Image: 9to5mac.com

According to Google Threat Intelligence Group, DarkSword exploits six iOS vulnerabilities simultaneously, three of which were unknown at the time of discovery. The attack affects versions from iOS 18.4 to iOS 18.7. If successful, the attacker gains access to messages, photos, contacts, location data, passwords, and even the camera and microphone. DarkSword also specifically searches for cryptocurrency wallet data — Coinbase, Binance, MetaMask, and others.

Previously, such sophisticated attacks were used in targeted operations — against journalists, politicians, and activists. But in March 2026, the DarkSword code was published on GitHub in open access. Now virtually any attacker can use it, dramatically increasing the scale of the threat.

Which iPhones Received the iOS 18.7.7 Update

Initially, Apple released iOS 18.7.7 only for models that don’t support iOS 26: iPhone XS, iPhone XS Max, iPhone XR, and the seventh-generation iPad. However, the update is now available for all iPhones still running iOS 18 — including iPhone 11 and newer models compatible with iOS 26.

This is a rare case: Apple typically doesn’t release patches for a previous system version when a new one is already available. The company prefers to push users toward updating to the latest iOS. But due to the scale of the DarkSword threat, Apple made an exception.

According to Apple, about 25% of devices are still running iOS 18 — that’s hundreds of millions of iPhones worldwide. Some users deliberately choose not to upgrade to iOS 26, partly because of the new Liquid Glass design, which radically changes the interface.

How to Install the iOS 18.7.7 Update

How to install the iOS 18.7.7 update. Update your iPhone to the latest iOS as soon as possible. Image: 9to5mac.com.

Update your iPhone to the latest iOS as soon as possible. Image: 9to5mac.com

The update is installed the standard way:

  1. Open “Settings”
  2. Go to “General” — “Software Update”
  3. Wait for iOS 18.7.7 to appear and tap “Download and Install”

If you have automatic updates enabled, the patch will install on its own. Apple specifically emphasized that the update will be delivered automatically to reach the maximum number of devices.

Important: this is a security update — it doesn’t add new features or change the interface. If you don’t want to upgrade to iOS 26 — your iPhone will stay on the familiar iOS 18, but with the vulnerability patched.

Who Was Attacked by Hackers Through the DarkSword Exploit

According to Google, DarkSword has already been used by hacker groups to hack iPhones in Malaysia, Saudi Arabia, Turkey, and Ukraine. The attacks are carried out by both commercial spyware vendors (such as Turkey’s PARS Defense) and allegedly state-sponsored entities.

In Saudi Arabia, the attack came through a fake website disguised as Snapchat. In Ukraine, DarkSword was used to distribute Ghostblade malware, which collected messages, photos, crypto wallet data, and browser history — and then deleted its own traces.

Who was attacked by hackers through the DarkSword exploit. DarkSword can be stopped by enabling Lockdown Mode, but this is an extreme measure.

DarkSword can be stopped by enabling Lockdown Mode, but this is an extreme measure

After the code was published on GitHub, the threat has moved beyond targeted operations. Researchers emphasize: this now affects not just politicians and journalists, but any user with an unupdated iPhone.

Should You Upgrade to iOS 26 or Is iOS 18.7.7 Enough

If you don’t want to change your familiar interface and upgrade to iOS 26, updating to iOS 18.7.7 will close the specific DarkSword vulnerability. This is the minimum necessary action for protection.

But Apple still recommends upgrading to iOS 26 if your device is compatible. In iOS 26, the DarkSword vulnerability was patched even earlier, and the current system receives patches more quickly and frequently.

iOS 18 and iOS 26 — the choice between a familiar interface and maximum protection

iOS 18 and iOS 26 — the choice between a familiar interface and maximum protection

Practical advice: if your iPhone has banking apps, cryptocurrency wallets, or important work correspondence — update right now. This is exactly the case where you shouldn’t delay. The iOS 18.7.7 patch won’t require you to get used to a new design, won’t break app compatibility, and won’t change how your iPhone works — but it will close the door through which attackers are already actively breaking into devices.