DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
Summary
A new exploit kit targeting Apple iOS devices, known as DarkSword, has been observed in the wild since November 2025. This kit leverages six vulnerabilities, including three zero-days, to achieve full device takeover and steal sensitive data. It is being used by commercial surveillance vendors and suspected state-sponsored actors.
IFF Assessment
The existence of a sophisticated exploit kit with zero-day capabilities poses a significant threat to user security and privacy, enabling unauthorized access and data theft.
Severity
Defender Context
The emergence of the DarkSword exploit kit highlights the persistent threat posed by advanced attack tools capable of exploiting zero-day vulnerabilities in popular mobile operating systems. Defenders should remain vigilant for signs of compromise and prioritize rapid patching of known vulnerabilities while also investing in advanced threat detection and response capabilities to counter novel exploits.