Millions of iPhone users are at risk: a malicious exploit for outdated iOS and iPadOS has been published on GitHub

DarkSword Exploit Source Code Found – Threat to Legacy iOS and iPadOS

A repository containing the full source code of the DarkSword exploit has appeared on GitHub. It is specifically designed to target vulnerabilities in older versions of Apple operating systems: iOS 15/16 and iPadOS 15/16.

Source of Information
* iVerify, Lookout, and Google's cyber‑threat analysis unit (GTIG) had previously announced the existence of this vulnerability.
* 9to5Mac confirmed details: the exploit is a chain of multiple attack vectors, including WebKit components.

How DarkSword Works
1. Attack vector – HTML and JavaScript scripts loaded from an attacker’s server.
2. Chain of vulnerabilities – includes issues in WebKit that have already been fixed.
3. If a user has not installed patches from iOS 16.7.15 / 15.8.7 or iPadOS 16.7.15 / 15.8.7 updates, the exploit can:
* Steal confidential data;
* Gain full control of the device.

Exploitation does not require deep knowledge of iOS architecture; an attacker can launch the attack instantly after loading the script onto their server.

What Apple Did
* On Apple's support page a document was published emphasizing the critical need for timely software updates even for devices that officially do not receive new OS versions.
* The text mentions lock‑screen mode as additional protection against such attacks.

Apple confirmed it is aware of attempts to target older OS versions and reminded users about the emergency update released on March 11.

Expert Commentary
Mattias Frilingsdorf (co‑founder of iVerify) stated:
* New versions of DarkSword use the same infrastructure as previously analyzed samples.
* The exploit code is a simple HTML/JS page that any user can copy and host on their own server within minutes or hours.
* Exploit usage is expected to increase soon due to its ease of deployment.

Microsoft’s Reaction
Microsoft, which owns GitHub, has not yet responded to journalists’ inquiries about the publication of the source code.

Conclusion:
If your device runs iOS 15/16 or iPadOS 15/16, be sure to install available updates. Otherwise you risk becoming a victim of the DarkSword exploit, capable of not only stealing data but also fully taking control of your gadget.