Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Apple Releases Critical iOS Update to Combat DarkSword Threat

Apple Releases Critical iOS Update to Combat DarkSword Threat

Posted on April 2, 2026 By CWS

On April 1, 2026, Apple expanded the reach of its iOS 18.7.7 and iPadOS 18.7.7 updates to include a wider array of devices, aiming to shield users from the DarkSword exploit. This critical security update is designed to protect millions of users still operating on iOS 18, who are vulnerable to this complex, web-based exploit capable of covertly exfiltrating sensitive user data.

Understanding the DarkSword Threat

Originally identified in November 2025 by Google’s Threat Intelligence Group alongside iVerify and Lookout, DarkSword is a sophisticated iOS exploit kit. It targets devices running iOS versions 18.4 through 18.7, exploiting six distinct vulnerabilities. These include flaws in JavaScriptCore, dyld, and the iOS sandbox, enabling attackers to execute full kernel-level code without user interaction beyond visiting a compromised website.

Once activated, DarkSword rapidly extracts passwords, messages, browsing history, location information, cryptocurrency wallet contents, and even Apple Health data before erasing evidence of its presence.

Public Exposure and Increased Threat

The threat posed by DarkSword intensified in March 2026, following its public leak on GitHub, which simplified its use for less experienced malicious actors. Commercial surveillance firms and alleged state-sponsored entities had already utilized it against targets in countries like Saudi Arabia, Turkey, Malaysia, and Ukraine.

In response, Apple initially released iOS 18.7.7 on March 24, 2026, and broadened its availability on April 1, 2026, highlighting the urgency of mitigating the DarkSword threat.

Security Measures and Recommendations

This update marks a significant policy shift for Apple, which typically requires users to adopt the latest iOS versions to receive security fixes. Now, approximately 20% of iOS 18 users can receive critical patches originally developed in 2025.

The update addresses over 20 vulnerabilities across key system components, including:

  • 802.1X authentication flaws (CVE-2026-28865)
  • Kernel vulnerabilities (CVE-2026-20687, CVE-2026-28867, CVE-2026-28868)
  • Security Framework permissions issues (CVE-2026-28864)
  • WebKit bugs allowing cross-site scripting and other attacks (CVE-2026-28861, CVE-2026-20643, CVE-2026-20665, CVE-2026-28871)
  • AppleKeyStore and CoreMedia flaws (CVE-2026-20637, CVE-2026-20690)

The update is available for a wide range of devices, from the iPhone XR to the iPhone 16e, and various iPad models. Devices with Automatic Updates enabled will receive the update automatically.

For users at higher risk, Apple’s Lockdown Mode offers additional protection against DarkSword. However, for comprehensive long-term security, Apple advises upgrading to iOS 26.3 or later, where all DarkSword-related issues are fully resolved.

Stay informed with our cybersecurity updates by following us on Google News, LinkedIn, and X. Contact us to share your stories.

Cyber Security News Tags:Apple, Apple update, Cybersecurity, DarkSword, data protection, iOS 18.7.7, iOS exploit, iOS security, iPadOS, iPhone, kernel exploit, security update, software update, Vulnerability, WebKit

Post navigation

Previous Post: Cisco Addresses Critical Security Vulnerabilities
Next Post: Emerging Cyber Threats and Security Flaws Reviewed

Related Posts

South Asian APT Hackers Using Novel Tools to Compromise Phones of Military-Adjacent Members South Asian APT Hackers Using Novel Tools to Compromise Phones of Military-Adjacent Members Cyber Security News
VoidLink Rewrites Rootkit Playbook with Server-Side Kernel Compilation and AI-Assisted Code VoidLink Rewrites Rootkit Playbook with Server-Side Kernel Compilation and AI-Assisted Code Cyber Security News
Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control Hackers Weaponizing Telegram Messenger with Dangerous Android Malware to Gain Full System Control Cyber Security News
FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code Cyber Security News
Microsoft Exchange Online to Deprecate SMTP AUTH Basic Authentication for Tenants Microsoft Exchange Online to Deprecate SMTP AUTH Basic Authentication for Tenants Cyber Security News
New Phising Attack Targeting Travellers from Hotel’s Compromised Booking.com Account New Phising Attack Targeting Travellers from Hotel’s Compromised Booking.com Account Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Top Post-Quantum Cryptographic Solutions for 2026
  • Armored Likho’s BusySnake Threatens Government and Energy Sectors
  • Scammers Exploit Brand Trust to Lure Casino Traffic
  • FBI Alerts on TeamPCP’s Widespread Developer Tool Attacks
  • AI Code Editor Vulnerabilities Risk OS-Level Attacks

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Top Post-Quantum Cryptographic Solutions for 2026
  • Armored Likho’s BusySnake Threatens Government and Energy Sectors
  • Scammers Exploit Brand Trust to Lure Casino Traffic
  • FBI Alerts on TeamPCP’s Widespread Developer Tool Attacks
  • AI Code Editor Vulnerabilities Risk OS-Level Attacks

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark