DarkSword is a full-chain iOS exploit kit that strings together six vulnerabilities, three of them zero-days at the time of deployment, to silently compromise iPhones running iOS 18.4 through 18.6.2. No interaction is required beyond loading a malicious web page. Google's Threat Intelligence Group (GTIG) linked the kit to multiple commercial surveillance vendors and to suspected state-sponsored actors targeting devices in Saudi Arabia, Turkey, Malaysia, and Ukraine. iOS 18.7.7, released April 1, 2026, closes all six vulnerabilities on the iOS 18 branch (some of them had already been fixed in earlier iOS 18 or iOS 26 releases, as noted below). CISA (the U.S. Cybersecurity and Infrastructure Security Agency) has added three of the six CVEs to its Known Exploited Vulnerabilities (KEV) catalog, ordering Federal Civilian Executive Branch (FCEB) agencies to remediate by April 3, 2026.
DarkSword: Technical Details
DarkSword chains six vulnerabilities to move from remote code execution in the browser sandbox all the way to full kernel compromise. GTIG identified the kit from toolmarks embedded in recovered payloads — specific debugging artifacts and memory layout patterns consistent across otherwise unrelated campaigns.
CVE-2025-31277 — JavaScriptCore memory corruption (CVSS v3.1: 8.8, High; network-accessible, low complexity, no authentication required). JavaScriptCore (JSC) is the JavaScript engine behind Safari and, because Apple requires third-party browsers to use WebKit (outside the EU, where alternative engines have been permitted since iOS 17.4), behind effectively every browser on the platform. A type-confusion bug in the JIT (just-in-time) compiler lets a malicious page corrupt heap memory in the renderer (WebContent) process and gain code execution there. This CVE was fixed in iOS 18.6; devices that had not updated past 18.5.x remained exposed.
CVE-2025-43529 — A second JavaScriptCore memory corruption flaw (CVSS 8.8, High; zero-day at deployment). DarkSword uses this variant on devices running iOS 18.6, where CVE-2025-31277 is already fixed, so the chain stays functional across a broad target population. The two JSC bugs are redundant entry points: the kit selects one based on the iOS version it fingerprints.
CVE-2026-20700 — dyld Pointer Authentication Code (PAC) bypass (CVSS 8.6, High; zero-day). PAC is Apple's hardware-backed exploit mitigation on arm64e devices (A12 and later): pointers are signed with a keyed MAC stored in their unused upper bits, and a modified or forged pointer fails authentication before it is used. On these devices, turning a memory-corruption primitive into control-flow hijacking requires a validly signed pointer, so a PAC bypass is what advances heap corruption into stable code execution. CVE-2026-20700 abuses a flaw in dyld, the dynamic linker, to obtain validly signed pointers from an unprivileged user-mode context, stripping away one of iOS's primary exploitation barriers. It was fixed in iOS 26.3 (iOS 26 is the version scheme Apple moved to in 2025, succeeding iOS 18) and, for the iOS 18 branch, in 18.7.7.
CVE-2025-14174 — ANGLE (Almost Native Graphics Layer Engine) memory corruption in the GPU process (CVSS 8.8, High; zero-day). ANGLE translates WebGL calls into the native graphics API and runs inside the browser's GPU process. DarkSword uses this bug to escape the renderer sandbox, a critical step because the WebContent process runs under a tight sandbox profile with no direct hardware access. The GPU process runs under a separate, more permissive profile with access to the graphics drivers, so pivoting into it puts the attacker outside the renderer jail and in reach of a larger kernel attack surface for the next two bugs.
CVE-2025-43510 — iOS kernel memory issue (CVSS 8.6 — High). Once outside the renderer, DarkSword uses this kernel-level flaw to elevate to kernel context.
CVE-2025-43520 — iOS kernel memory corruption (CVSS 8.6, High). A second kernel vulnerability completes the takeover, giving the attacker kernel-level control of the device: location data, microphone, camera, and every application's sandbox are reachable. (The Secure Enclave is a separate processor; a kernel compromise does not extract its keys, but it does let the attacker issue whatever requests the kernel is entitled to make of it.)
Exploitation Status and Threat Landscape
GTIG observed DarkSword in active campaigns targeting individuals in Saudi Arabia, Turkey, Malaysia, and Ukraine since at least November 2025. The kit has been used by at least two distinct threat actor clusters: commercial surveillance vendors (firms that sell targeted spyware to government customers) and suspected state-sponsored operators. The geographic and sectoral targeting profile — journalists, activists, and government officials — is consistent with prior commercial surveillance operations such as Pegasus (NSO Group) and Predator (Cytrox).
CISA added CVE-2025-31277, CVE-2025-43510, and CVE-2025-43520 to the KEV catalog on March 20, 2026. KEV listing is CISA's confirmation of active, real-world exploitation — not theoretical risk.
Three of the six CVEs were introduced into the chain as zero-days: CVE-2026-20700, CVE-2025-43529, and CVE-2025-14174 were unpatched at the time of initial deployment. This is consistent with the operational model of high-end commercial surveillance vendors, who stockpile undisclosed vulnerabilities to maintain reliable access even against well-patched targets.
Lookout, iVerify, and GTIG collaborated on the initial public disclosure in March 2026. Bleeping Computer reported CISA's KEV addition and the federal mandate shortly after.
Who Is Affected
DarkSword targets iPhones running iOS 18.4 through 18.6.2 (and iPads on the corresponding iPadOS builds). The exploit requires no user interaction beyond the renderer entry point: in practice, loading a malicious or compromised website in Safari, or in any other WebKit-based browser on the device, is sufficient. No MDM profile, app install, or physical access is needed.
Devices updated to iOS 18.7.7 (build 22H340) are protected against all six vulnerabilities in the chain. Devices still on iOS 18.4, 18.5, or 18.6.x remain at risk.
High-risk targets include journalists, lawyers, political opposition figures, NGO staff, and government officials — the historical audience for commercial surveillance platforms. Given the multi-national targeting footprint, organizations with employees in Saudi Arabia, Turkey, Malaysia, or Ukraine should treat this as an active threat to their mobile device inventory, not a theoretical risk.
Apple extended the iOS 18.7.7 update to older devices in a secondary patch push on April 2, 2026, covering models that cannot upgrade to iOS 26.
What You Should Do Right Now
- Update every managed iOS device to iOS 18.7.7 or later immediately. Navigate to Settings → General → Software Update. This single step closes all six CVEs in the DarkSword chain on the iOS 18 branch; devices already on iOS 26 need 26.3 or later for the dyld fix.
- Verify older devices received the extended update. Apple pushed iOS 18.7.7 to devices that cannot run newer versions; confirm these have applied the update from the runZero device inventory or your MDM console.
- Audit MDM enrollment for any unmanaged or personal iOS devices with access to corporate email, VPNs, or sensitive repositories.
- Enable Lockdown Mode on devices belonging to high-risk individuals (journalists, executives, activists). Lockdown Mode disables just-in-time JavaScript compilation and several other WebKit features for all sites the user has not explicitly excluded, which removes the JIT code paths that bugs like the two JSC flaws above live in and substantially reduces the browser attack surface.
- Review mobile threat defense (MTD) telemetry for suspicious jailbreak indicators, anomalous process spawns from Safari, or unexpected network connections post-browser activity.
- Brief high-risk staff not to click unsolicited links — even in SMS or messaging apps — until all devices are confirmed patched.
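As an added example (not code from the article, GTIG, Apple, or any MDM vendor), the following Python script triages an MDM inventory export against the version boundaries stated above: 18.4 through 18.6.x targeted, 18.7.7 as the fix on the iOS 18 branch, 26.3 as the fix for CVE-2026-20700 on iOS 26. The CSV layout, the column names and the device rows are assumptions constructed for the example; real exports name their columns differently. The point worth taking away is the numeric version comparison, since a naive string compare ranks "18.7.10" below "18.7.7" and reports a patched device as vulnerable.

```python
"""Triage an MDM inventory export against the DarkSword version boundaries.

Added example for this article; not code from GTIG, Apple or any MDM vendor.
The CSV layout, column names and device rows are assumptions (constructed
sample data). Adapt FIELD_DEVICE / FIELD_VERSION to your own export.
"""
import csv
import io
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Boundaries as stated in the article.
TARGETED_MIN: Version = (18, 4, 0)      # first targeted release
TARGETED_MAX: Version = (18, 6, 99)     # any 18.6.x
FIXED_IOS18: Version = (18, 7, 7)       # closes all six on the iOS 18 branch
FIXED_IOS26_DYLD: Version = (26, 3, 0)  # CVE-2026-20700 fixed in iOS 26.3

FIELD_DEVICE = "device"       # assumed column name
FIELD_VERSION = "os_version"  # assumed column name

# Constructed sample export; not real inventory data.
SAMPLE_CSV = """device,os_version
ip-alice,18.6.2
ip-bob,18.7.7
ip-carol,iOS 18.5
ipad-dave,18.7.10
ip-erin,26.2
ip-frank,26.3.1
ip-grace,18.3.2
ip-hank,n/a
"""


def parse_version(text: str) -> Optional[Version]:
    """Turn '18.6', 'iOS 18.6.2' or '18.7.10' into a numeric triple.

    Numeric tuples avoid the string-compare trap where '18.7.10' sorts
    below '18.7.7'. Returns None when the field is not a dotted version.
    """
    token = text.strip().split()[-1] if text.strip() else ""
    parts = token.split(".")
    if not all(p.isdigit() for p in parts):
        return None
    nums = [int(p) for p in parts][:3]
    while len(nums) < 3:
        nums.append(0)
    return (nums[0], nums[1], nums[2])


def classify(version_text: str) -> str:
    """Map one OS version string to a remediation status."""
    v = parse_version(version_text)
    if v is None:
        return "UNPARSEABLE: verify manually"
    major = v[0]
    if major == 18:
        if v >= FIXED_IOS18:
            return "patched: 18.7.7 or later"
        if TARGETED_MIN <= v <= TARGETED_MAX:
            return "VULNERABLE: in DarkSword target range, update to 18.7.7"
        if v < TARGETED_MIN:
            return "UPDATE: below 18.4, outside stated target range but unpatched"
        return "UPDATE: 18.7.x below the 18.7.7 fix"
    if major == 26:
        if v < FIXED_IOS26_DYLD:
            return "UPDATE: iOS 26 below 26.3, CVE-2026-20700 fix missing"
        return "patched: iOS 26.3 or later carries the dyld fix"
    if major < 18:
        return "UPDATE: pre-18 release, verify support status manually"
    return "UNKNOWN: major version not covered by this guidance, verify manually"


def triage(csv_text: str) -> Dict[str, str]:
    """Return {device: status} for every row of the export."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row[FIELD_DEVICE]: classify(row[FIELD_VERSION]) for row in reader}


def vulnerable_devices(csv_text: str) -> List[str]:
    """Devices inside the stated DarkSword target range, sorted by name."""
    return sorted(d for d, s in triage(csv_text).items() if s.startswith("VULNERABLE"))


def needs_action(csv_text: str) -> List[str]:
    """Everything not confirmed patched: vulnerable, unpatched or unclear."""
    return sorted(d for d, s in triage(csv_text).items() if not s.startswith("patched"))


if __name__ == "__main__":
    for device, status in triage(SAMPLE_CSV).items():
        print(f"{device:12} {status}")
    print("\nVulnerable:", ", ".join(vulnerable_devices(SAMPLE_CSV)))
    print("Needs action:", ", ".join(needs_action(SAMPLE_CSV)))
```

Run it against your own export by replacing SAMPLE_CSV with the file contents and adjusting the two FIELD_ constants. Devices reported as UNPARSEABLE or UNKNOWN should be checked by hand rather than assumed safe; an MDM record with an empty or malformed OS field is often a device that has not checked in for a long time, which is exactly the population most likely to still be on a targeted build.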
Background: Understanding the Risk
DarkSword represents a class of threat known as a full-chain exploit: a sequenced set of vulnerabilities that, when chained together, achieve a specific offensive goal without requiring any single "super-vulnerability." No individual CVE in the chain is rated Critical — each is High (8.x). The power is in the combination: each bug hands off to the next, crossing security boundaries that Apple designed to be independent containment layers.
The browser sandbox, the GPU process, PAC enforcement, and the kernel are each supposed to be separate blast-radius-limiting domains. DarkSword demonstrates that a sufficiently resourced actor can punch through all four in a single automated exploit.
This pattern is not new. The Pegasus spyware operated on a similar full-chain model for years, using what became known as "zero-click" delivery via iMessage. DarkSword requires at minimum a single renderer trigger — a page load — but the practical barrier is trivially low: one phishing link, one watering-hole site, one compromised news page.
The commercial surveillance industry's involvement signals that DarkSword may already be, or soon be, in the hands of additional government customers beyond the two clusters GTIG identified. Once a kit of this sophistication reaches the market, proliferation tends to accelerate — as the name "The Proliferation of DarkSword" in GTIG's own report title suggests.
For defenders, the core lesson is that mobile devices are endpoints with the same threat model as laptops and servers, but they are frequently excluded from patch SLA enforcement. An organization that patches servers within 72 hours of a critical CVE but has no MDM policy enforcing iOS update compliance has an obvious blind spot.
Conclusion
DarkSword is a sophisticated, actively exploited iOS exploit chain that achieved full device compromise against targets in four countries before most devices were patched. Every iOS device not yet running 18.7.7 remains exposed. Update now — Lockdown Mode for high-risk individuals, MDM enforcement for organizations — and treat your mobile fleet with the same urgency as internet-facing servers.
For any query contact us at contact@cipherssecurity.com

