critical

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

April 6, 2026·The Hacker News·Threat Intel
appleioszero-daymobile-securityexploit-kit

Apple Rushes iOS 18.7.7 to More Devices as DarkSword Exploit Kit Poses Active Threat

TL;DR: Apple has urgently expanded iOS 18.7.7 availability to additional devices to combat the DarkSword exploit kit. iPhone and iPad users should immediately check for and install this critical security update, as the threat appears to be actively exploited in the wild.

What You Need to Do RIGHT NOW

If you have an iPhone or iPad:

1. Update immediately: Go to Settings → General → Software Update
2. Enable Automatic Updates: Settings → General → Software Update → Automatic Updates (turn on both options)
3. Restart your device after the update completes
4. Check corporate/MDM devices — IT teams should push this update urgently

What Happened

According to The Hacker News, Apple expanded iOS 18.7.7 and iPadOS 18.7.7 availability to more devices on April 1, 2026, specifically targeting protection against the DarkSword exploit kit. The company's statement indicates users with automatic updates enabled can receive this "important security update" without manual intervention.

The timing and language suggest this is an emergency response to an active threat, not a routine security patch.

Technical Analysis

While Apple hasn't disclosed specific technical details about DarkSword (following their standard practice), the rapid deployment pattern indicates this exploit kit likely targets:


The "exploit kit" designation suggests DarkSword is a packaged toolset that cybercriminals can deploy against multiple vulnerability vectors, making it particularly dangerous for widespread attacks.

Impact & Who's Affected

Affected devices: Any iPhone or iPad running iOS/iPadOS versions prior to 18.7.7

Risk level: Critical — exploit kits are typically used for:


Industries at highest risk: Organizations with BYOD policies, financial services, healthcare, and government agencies where mobile devices access sensitive data.

What You Should Do

For Individual Users:


For IT Teams:

For Security Teams:

The Bigger Picture

This incident highlights several concerning trends:

1. Mobile exploit kits are evolving — DarkSword represents the continued professionalization of mobile-targeted attack tools
2. Apple's response speed suggests the threat level is significant enough to warrant emergency deployment procedures
3. Update fragmentation remains a risk — not all devices receive updates simultaneously, creating windows of vulnerability

The cybersecurity community should expect to see more sophisticated mobile exploit kits as attackers recognize the value of compromising devices that often bypass traditional network security controls.

Bottom line: This isn't just another iOS update. The urgency of Apple's expanded deployment suggests DarkSword poses a real, immediate threat. Update now, ask questions later.

Source: The Hacker News report on Apple's iOS 18.7.7 security update expansion

← All Threat IntelSource: The Hacker News