Apple Breaks Tradition With Rare Backported Patches to Protect iOS 18 Users From DarkSword Exploit

Apple will push out rare backported security patches to protect millions of iPhone users still running iOS 18 from the DarkSword hacking tool, marking a significant shift in the company's traditionally rigid update policy.

DarkSword, which researchers at Google, iVerify, and Lookout revealed nearly two weeks ago, can silently take over iPhones when users visit infected websites. While iOS 26 users were already protected, as many as a quarter of all iPhone users remain on iOS 18 — many deliberately refusing to upgrade due to the unpopular "liquid glass" interface in iOS 26.

The exploit has been linked to hacking campaigns in Malaysia, Saudi Arabia, Turkey, and Ukraine, and was posted to GitHub in late March, making it accessible to a wider range of threat actors. A Russian group linked to the Kremlin's FSB has since been observed using DarkSword in phishing emails.

"Apple is now, finally, doing what security researchers have been asking for," said one cybersecurity expert. The company previously only patched iOS 18 for older devices incompatible with iOS 26, telling all others to upgrade.

The controversy highlights growing tension between Apple's design-driven update philosophy and security best practices. Reddit users had accused Apple of using DarkSword as leverage to force adoption of the controversial liquid glass interface.