Cybersecurity researchers from Google's Threat Intelligence Group and two cybersecurity firms, Lookout and iVerify, have identified a new hacking toolkit this week that makes iPhone owners' data vulnerable. The toolkit, called DarkSword, differs from other forms of spyware and malware.
DarkSword doesn't use phishing texts or emails, nor does it require you to download suspicious apps to let hackers into your device. It operates through infected websites, Google's report says, including ones made to look like Snapchat and government contractor sites. After you've browsed those sites, the spyware can be activated, and your information is at risk.
So far, the attacks have been limited to people outside the US, specifically in Saudi Arabia, Turkey, Malaysia and Ukraine, according to Google.
DarkSword is "highly sophisticated," Lookout said in its report. It works by "establish[ing] privileged code execution to access sensitive information and exfiltrate it off the device." DarkSword isn't designed for ongoing surveillance, but it can access a variety of data, including your messages, iCloud content and even crypto wallets.
Google said it was being used by "multiple commercial surveillance vendors and suspected state-sponsored actors."
In a support page published on Thursday, Apple said: "We thoroughly investigated these issues as they were found and released software updates as quickly as possible for the most recent operating system versions to address vulnerabilities and disrupt such attacks."
Google said in its report that it reached out to Apple in late 2025 with its findings.
Researchers found that vulnerable phones were running versions of last year's software, including iOS 18.4 through 18.7. That isn't every phone, but as Apple's own data confirms, approximately one-fifth of iPhone owners are still running iOS 18, leaving potentially millions of people vulnerable.
Keep your iPhone software updated
While Apple has applied fixes behind the scenes, you still need to take action to ensure your iPhone is safe. It's an easy but necessary step to keep your phone secure from external threats: Update your iOS software.
"I always recommend people update their iPhone to the latest iOS software as soon as they can," said CNET's iOS expert Zachary McAuliffe. "Updates usually include new features, but more importantly, they often patch security issues. Delaying an update means malicious actors could exploit a vulnerability on your iPhone, putting your personal data and system security at risk."
Apple said that people who have kept their phones' software up to date are already protected. Google said iOS 26.3, the latest software update, includes fixes to prevent DarkSword attacks, as do previous updates. And iOS 26.3.1 (a), a minor, security-centric update to the main software, was released on Wednesday.
To update your iPhone's software, go to Settings > General > Software Update. If an update is available, it will prompt you to download and install it.
Some older iPhone models may not be able to run iOS 26. Check our guide to see if your phone is included.
If you're not eligible for iOS 26, Apple urges iPhone users to update their software to at least iOS 15, which has protection for older iPhones. The company also says you can consider enabling Lockdown Mode to protect against malicious web content and other threats.
