Apple released iOS 18.7.7 on Tuesday, addressing the DarkSword exploit chain discovered by Google’s Threat Intelligence Group (GTIG). The update targets vulnerabilities in iOS 18.4 to 18.7, which hackers exploited for espionage and theft in Malaysia, Saudi Arabia, Turkey, and Ukraine. DarkSword combines multiple attack vectors, bypassing security layers to compromise devices.

Prior updates only patched older iPhones unable to run iOS 26, leaving newer devices exposed. Critics argued Apple’s delayed backporting of fixes risked user safety. Today’s update ensures all iPhones on iOS 18 receive protections, regardless of compatibility with iOS 26. Backporting—porting fixes to older systems—is now standard practice after pressure from security experts.

Auto-update users will receive the patch automatically. Apple emphasized that iOS 26 offers superior defenses but noted 74% of iPhones from the last four years already run it. Users can manually install via Settings > General > Software Update. The move underscores Apple’s response to rising state-sponsored and commercial cyber threats.

Security analysts stress timely updates are critical. DarkSword’s proliferation highlights the urgency of patching, as hackers increasingly target high-value devices. Apple’s proactive rollout aims to mitigate risks, though debates persist over why patches weren’t distributed earlier. The update marks a rare full-coverage security response for a major exploit.