Apple has issued a security bulletin urging iPhone users to update to the latest version of iOS after researchers uncovered web-based attacks targeting outdated devices via malicious links and compromised websites.
The warning appears to address the DarkSword exploit chain disclosed yesterday by Lookout, iVerify, and Google’s Threat Intelligence Group, although it’s not explicitly mentioned in Apple’s bulletin. In those reports, researchers said attackers used compromised Ukrainian websites, including a government domain, to deliver the iPhone exploit framework via watering-hole attacks. The DarkSword exploit chain leveraged six distinct vulnerabilities in JavaScriptCore, dyld, ANGLE, and the iOS kernel.
Apple says devices running the latest supported versions of iOS 15 through iOS 26 are already protected. The company also released updates for iOS 15 and iOS 16 on March 11, 2026, to extend protections to older devices that cannot upgrade further.
“If you have kept your iPhone software up to date, then you are already protected,” reads Apple’s security bulletin.
“Keeping your software up to date is the single most important thing you can do to maintain the security of your Apple products, and devices with updated software were not at risk from these reported attacks.”
For iPhones still running iOS 13 or iOS 14, Apple says users must upgrade to iOS 15 to receive the fixes and will also get an additional Critical Security Update alert in the coming days.
Although Apple did not name DarkSword in the bulletin, the timing and description match the exploit chain documented in the coordinated research. That campaign used malicious web content to compromise vulnerable iPhones and deploy payloads capable of stealing messages, passwords, app data, and cryptocurrency wallet information.
Apple says iPhones running fully updated software were not affected by the reported attacks. Devices with Lockdown Mode enabled were also protected against this specific web-based activity, even if they were running older software, though Apple still recommends updating as soon as possible.
The company also noted that Safari’s Safe Browsing feature, enabled by default, blocks the malicious domains identified in the attacks.
Users who have not updated their iPhone recently should install the latest available iOS release immediately. Those on older devices should upgrade to iOS 15 where possible and enable Lockdown Mode if supported.
Leave a Reply