- A leaked version of the DarkSword tool makes it easier for hackers to target iPhones running older software.
- Researchers warn that the exploit can be used with little skill, lowering the barrier for cyberattacks.
- Vulnerable devices could expose sensitive data, such as messages, contacts, and saved passwords.
- Updating your iPhone to the latest iOS version is the most effective way to stay protected.
Last week, researchers warned about a sophisticated iPhone hacking tool called DarkSword. Now the situation has escalated. A newer version of that tool has been leaked online and posted to a public code-sharing site. That changes everything. What was once limited to advanced attackers is now far easier to access and use. Security experts say this could quickly turn into a widespread threat, especially for people using older Apple software.

Why the DarkSword iPhone hack is more dangerous now
Before the leak, tools like DarkSword required skill, resources and time. Now, much of that barrier is gone. The leaked version is surprisingly simple. It uses basic web technologies like HTML and JavaScript. That means someone with minimal experience could copy the code, host it and launch an attack in a short amount of time. Researchers say the exploits can work right away with little setup. No deep knowledge of iOS is required. That is the real shift here. The tool itself did not suddenly become more powerful. It became easier to use.
Which Apple devices are at risk
This is where the numbers get concerning. DarkSword targets iPhones and iPads running older operating systems, especially iOS 18 and earlier. According to Apple’s own data, a large share of active devices still falls into that group. With billions of Apple devices in use worldwide, that could leave hundreds of millions of users exposed. Apple says these attacks specifically target outdated versions of iOS, often through malicious links or compromised websites. If your device is not updated, it could be vulnerable.
What the DarkSword iPhone hack can access
This is not a minor nuisance. The leaked code includes instructions for pulling sensitive data directly from a device. Once it gains access, it can:
- Extract contacts and messages
- Access call history
- Pull data from the iOS keychain, including saved passwords
- Send that information to a remote server
There are also references to activity that happens after the initial compromise, which suggests attackers can dig deeper once they are inside. In simple terms, this is full access to your digital life.
Apple’s response and what helps
Apple has already addressed the issue for newer devices. The company pushed updates that block these attacks on current versions of iOS. It also released a security update for older devices that are unable to run the latest version of iOS. Apple says these attacks target out-of-date software and can be triggered through malicious links or compromised websites. If your iPhone is up to date, you are already protected. Apple also says keeping your software updated is the single most important step you can take to protect your device. Devices running the latest versions of iOS were not at risk from these attacks. For older devices, Apple released updates on March 11, 2026, to extend protections. Devices running iOS 13 or iOS 14 must update to iOS 15 to receive those protections.
We reached out to Apple for comment, and the company pointed us to its official security guidance for more details.
What you should do right now
If you have been putting off software updates, now is the time to stop. This situation shows how quickly a targeted threat can turn into a mass risk. Once tools like this are public, they spread fast. Even if you are not specifically being targeted, attackers can automatically scan for vulnerable iPhones and go after them in large numbers.
A quick check can make a big difference:
- Go to Settings
- Tap General
- Tap Software Update
- Install the latest version available

Watch the latest episode of The CyberGuy Report.
Missed this event? Sign up via the registration form and see our live recording.
See Kurt’s latest Amazon picks for useful gadgets, smart home upgrades and everyday tech worth grabbing while the deals last.
Ways to stay safe from DarkSword attacks
If this sounds concerning, it should. The good news is that there are a few simple steps that can significantly reduce your risk.
1) Update your iPhone right away
As I mentioned above, this is the most important step. Apple has already patched the vulnerability in newer versions of iOS. If your device is updated, you are protected from this specific attack.
2) Turn on Lockdown Mode if you want extra protection
Lockdown Mode is designed for high-risk situations, but anyone can use it. It limits certain features that attackers often rely on.
Go to Settings > Privacy & Security > Lockdown Mode to enable it.
Keep in mind: Lockdown Mode is an extreme security setting. It restricts some apps, websites and features, and certain functions may not work as expected while it is turned on.
3) Avoid clicking on unknown links or pop-ups
Many of these attacks rely on you to click on malicious links or open a compromised website. If you receive a strange link in a message or email, do not tap it. Also, use strong antivirus software such as Norton Antivirus Plus (CyberGuy Deal: 58% off) to help detect malicious links and block suspicious activity before it can compromise your device.
4) Keep apps and browsers up to date
Even if your iOS is current, outdated apps can still create security gaps. Regular updates close those openings.
5) Reduce your exposure with a data removal service
If your personal information is already circulating online, it can make you an easier target. Data removal services like Incogni help delete your details from data broker sites, which reduces the amount of information attackers can access in the first place.
Incogni, a service I trust 100% and use myself, helps automate the process by submitting removal requests to hundreds of data brokers and people-search sites on your behalf.
Incogni automatically contacts data brokers on your behalf and requests the removal of your personal information. It also continues monitoring those sites and submits new removal requests if your data reappears.
- Incogni currently removes personal data from 420+ data broker and people-search websites, and its Unlimited plan allows you to request removals from as many additional sites as you need.
- Incogni has also received third-party assurance from Deloitte, validating its marketing claims.
- The goal is simple: make it much harder for strangers, scammers, and cybercriminals to find your personal information online.
CyberGuy readers get 60% off Incogni’s annual plans using the links in this article.
The service also includes a 30-day money-back guarantee, so you can try it risk-free and see how much of your information is exposed online.
Is your personal information exposed online?
Run a free scan to see if your personal info is compromised. Results arrive by email in about an hour.
6) Use strong device security habits
Set a strong passcode, enable Face ID or Touch ID and avoid using public Wi-Fi without protection. These steps add another layer of defense.
7) Consider using a security or identity monitoring service
Some identity theft protection companies, such as Aura, can alert you if your personal data is exposed or being used without your knowledge. That can help you act faster if something goes wrong. Read more about our review of Aura here.
Related Links:
- iPhone calendar spam invites are surging
- How to transfer data to a new iPhone or Android
- Thousands of iPhone apps expose data inside Apple’s App Store
Kurt’s key takeaways
This is one of those moments where a simple step makes a real difference. Keeping your phone updated is easy to put off, but it is one of the most effective ways to stay protected. When tools like DarkSword become widely available, outdated devices stand out as easy targets. This is real, and it is happening now. So, update your iPhone today.
So here is the bigger question. If a basic update can block a serious attack, what is stopping people from doing it? Let us know your thoughts in the comments below.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2026 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

