Catastrophic new iPhone threat leaked to hackers — are you safe?

Apple can’t catch a break. With another week comes another major exploit capable of infecting millions of iPhones worldwide.

The latest threat, dubbed DarkSword, leverages “multiple zero-day vulnerabilities to fully compromise devices,” according to the Google Threat Intelligence Group. Here’s how to know if your iPhone is at risk.

Cyber threats are becoming quite common within Apple’s walled garden — a major shift from iOS’ “unhackable” reputation of yesteryear.

Approximately 244 million iPhones are vulnerable right now to targeted hacking campaigns through DarkSword.

The thing that makes this latest exploit so dangerous is that the code behind the vulnerability was leaked on GitHub, one of the largest developer social media websites on the planet.

On one hand, having the code available to the public will make it easier for Apple to pinpoint the flaws in its software, leading to a faster solution. On the other hand, DarkSword is now broadly accessible to hackers and cybercriminals both foreign and domestic, giving bad actors the tools they need to hack into any iPhone that fits the criteria.

Through GitHub, hackers essentially have a shortcut to attack iPhone users at scale.

How does DarkSword work?

DarkSword functions similarly to the Coruna exploit we covered last month in that it strings multiple zero-day vulnerabilities together into one exploit chain that can be used to breach the security of a targeted device. Based on findings from the Google Threat Intelligence Group, DarkSword has already been used on phones in Saudi Arabia, Turkey, Malaysia, and Ukraine as early as November 2025.

Now that the code is available on GitHub, however, the exploit chain could be picked up and executed on devices anywhere in the world, including the United States.

RELATED: New hack poses biggest iPhone threat in 19 years: What you can do

Xaume Olleros/Bloomberg/Getty Images

Is your iPhone at risk?

The good news is that DarkSword can only breach a very specific subset of iOS-powered devices, namely iPhones on iOS 18.4 through 18.7. You are safe from this particular threat if you have already installed iOS 26 on your phone or if you run a version prior to iOS 18.

The bad news is that 16.09% of active iPhones in the market still run on iOS 18. That means approximately 244 million iPhones are vulnerable right now to targeted hacking campaigns through DarkSword.

Many millions still run their iPhones on vulnerable operating systems.Chart via iOS 18 Marketshare 2026/TelemetryDECK

How to protect your devices from DarkSword

There are two ways to protect your phone from the DarkSword exploit:

1. Update your phone to iOS 26 immediately. This will mitigate any threats from DarkSword.
2. If your phone is still on iOS 18, Apple released an update on April 1 that effectively fixed the vulnerability. Download and install iOS 18.7.7 as soon as possible.

Although DarkSword poses the biggest threat to iPhone users, iPads on iPadOS 18 are also at risk. Follow these same steps to patch the software on your iPad, as well.

Due to the widespread nature of this threat, it’s a good idea to share this information with your family and friends. Let the people in your life know that their iPhone (or iPad) may be vulnerable to attacks unless they update accordingly.

Add an extra layer of protection to your iPhone

DarkSword is part of a growing string of threats plaguing iPhone lately, including Coruna and CVE-2026-20700. As someone who has followed Apple closely since the dawn of iPhone, the state of iOS security is uncharacteristically fragile these days, with new vulnerabilities popping up practically every month. We’ll continue to watch this space for new developments leading into the summer season when Apple shows off the next generation of iOS. In the meantime, you can keep your devices safe by updating to the latest version of iOS the moment it’s available.

Screenshots by Zach Laidlaw/iOS 26.4.1 on iPhone 17 Pro Max

In addition to major operating system releases, Apple has started to issue smaller “Background Security Improvements” for its major mobile platforms. These updates are meant to provide faster solutions to potential threats between larger software versions. To ensure that your device receives Background Security Improvements, open the “Settings” app, tap “Privacy & Security,” select “Background Security Improvements” at the bottom, and check the toggle beside “Automatically Install.”

But note: Background Security Improvements are only available for devices on iOS 26.1 or higher. If you’re still on iOS 18 or lower, you cannot take advantage of this extra security feature.