Apple Issues iOS 18.7.7 Patch to Combat DarkSword Malware Threat

Severity: High (Score: 74.0)

Sources: Theverge, Aol, Tweaktown, Iphoneincanada.Ca, Uk.Pcmag

Summary

On April 1, 2026, Apple released iOS 18.7.7 to address the DarkSword malware vulnerability affecting iPhones running iOS 18.4 to 18.7. The DarkSword exploit allows remote installation of malware and data theft via malicious links. Despite a push for users to upgrade to iOS 26, approximately 16% to 20% of newer iPhones remain on iOS 18 due to resistance against the new Liquid Glass interface. The patch is now available for iPhone models including XS, XR, 11 through 16, and second-gen iPhone SE. Previously, the patch was limited to iPhone XS and XR. Apple has noted an increase in DarkSword's threat level following its leak online, prompting this emergency update. Users are encouraged to enable Automatic Updates to receive the patch. The update also includes protections for older iOS versions 15 and 16 against other vulnerabilities. Key Points: • Apple released iOS 18.7.7 on April 1, 2026, to patch the DarkSword malware vulnerability. • DarkSword can remotely install malware on iPhones running iOS 18.4 to 18.7, affecting 16-20% of users. • The patch is now available for a broader range of devices, including newer iPhones that previously lacked it.

Key Entities

• Data Breach (attack_type)
• Malware (attack_type)
• Phishing (attack_type)
• Zero-day Exploit (attack_type)
• Apple (company)
• China (country)
• Malaysia (country)
• Saudi Arabia (country)
• Turkey (country)
• Ukraine (country)
• DarkSword (malware)
• Coruna (malware)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1566.002 - Spearphishing Link (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• IOS (platform)
• IPadOS (platform)
• IPhone (platform)
• DarkSword Toolkit (tool)