In a rare move, Apple is rewriting its own security playbook to stop a fast-spreading iPhone hack.
Apple is breaking away from one of its own long-standing security practices following the emergence of “DarkSword,” a sophisticated hacking tool capable of silently compromising iPhones running iOS 18. Instead of requiring users to upgrade to the latest operating system, the company is now issuing a rare security patch for those reluctant to upgrade to its newest software.
This marks a new move for Apple, which has historically taken the firm stance that if users want the latest security protections, they need to update to the newest version of iOS their device supports. This time, however, the growing threat posed by DarkSword, combined with resistance from users who dislike iOS 26, appears to have forced a reassessment of that policy.
Apple confirmed it would release updates specifically designed to protect iOS 18 users from DarkSword, even if their devices can run the newer iOS 26. This process, known in cybersecurity as “backporting,” involves adapting security fixes developed for newer operating systems to protect older versions without requiring a full upgrade.
Estimates suggest that about 221 million to 270 million devices are currently vulnerable to this exploit chain.
A dangerous tool spreading quickly
DarkSword has raised concerns among security researchers due to how easily it can impact devices. The exploit allows attackers to take control of vulnerable iPhones via malicious websites, potentially granting them access to sensitive data such as passwords, messages, contacts, and photos.
The threat has become more serious in recent weeks as the tool has spread to additional hacker groups. Security researchers say it has already been used in attacks across multiple regions, including parts of Europe, the Middle East, and Southeast Asia. The situation became even more concerning after the exploit’s code reportedly appeared on GitHub, thus making it easier for additional threat actors to reuse and modify it for their own campaigns.
iPhones already running iOS 26 were not vulnerable to the attack, but millions of users who stayed on iOS 18 remained exposed, creating pressure on Apple to find a solution that didn’t force a full upgrade. The company’s new patch allows those users to secure their devices while avoiding the controversial design changes introduced in the newer operating system.
Why many users choose to stay behind
Despite the security risks, many iPhone users have purposefully avoided upgrading to iOS 26.
One reason has been somewhat aesthetic, as many were not fans of Apple’s new “Liquid Glass” interface, a redesign that introduced significant visual changes. Some users also reported performance issues, battery concerns, storage limitations, and compatibility issues with specialized apps. In certain cases, regional features such as expanded age-verification tools have also contributed to hesitation.
Estimates cited by security firms suggest that the number of affected users is substantial, with hundreds of millions of iPhones still running older software versions. Apple previously reported that about three-quarters of recently released iPhones had adopted iOS 26, leaving a significant minority still using iOS 18.
Part of a larger pattern of emerging iPhone threats
Unfortunately, this DarkSword situation is not the only major mobile security concern Apple has faced recently. Earlier this year, Apple also issued backported patches to address a separate advanced hacking toolkit known as Coruna, which targeted devices running versions as old as iOS 13.
Security researchers say the spread of tools like DarkSword and Coruna shows how iPhone exploits are becoming more widely available. While iPhone hacking has long been associated with targeted espionage campaigns against high-value individuals, the public release of exploit code has made these techniques more accessible to a wider range of bad actors, such as financially motivated cybercriminals and smaller hacking groups.
Security experts push for faster responses
Some cybersecurity professionals have argued that Apple should have acted more quickly to protect iOS 18 users, given that the vulnerability persisted for weeks before patches were announced. Others view the company’s eventual decision as a pragmatic acknowledgment that not all users can or will choose to upgrade immediately, regardless of security recommendations.
Regardless of how strongly companies encourage it, they can’t force every user to update their software. Apple’s decision reflects the challenge of protecting users who do not immediately upgrade their devices: it lets them choose between installing the security update and moving to iOS 26 for the most comprehensive protection.
The takeaway for Apple users
Apple continues to emphasize that its newest operating system offers deeper security improvements beyond individual patches. Still, the company’s willingness to protect older systems shows that it may be adapting its strategy as threats become more widespread and user upgrade habits remain inconsistent.
As mobile threats continue to evolve, Apple’s response to DarkSword points to a growing need to accommodate real-world user behavior, and suggests that protecting users may mean meeting them where they are, rather than where companies would prefer them to be.