A new version of iPhone exploit kit DarkSword has been leaked on GitHub; iVerify co-founder Matthias Frielingsdorf says the exploits “will work out of the box”
Lorenzo Franceschi-Bicchierai Zack Whittaker — Last week, cybersecurity researchers uncovered …
TechCrunch
Related Coverage
- DarkSword exploit, which affects outdated versions of iOS, leaks on GitHub 9to5Mac · Marcus Mendes
- DarkSword Exploit Threatens iPhones Still Running iOS 18 TidBITS · Adam Engst
- @etas0n DarkSword is missing a PPL/SPTM bypass. We still need a reverse engineered version of the bypasses in Coruna to jailbreak (maybe) up to 17.3.1 on arm64e devices. arm64 updates will come sooner. @opa334@infosec.exchange
- https://github.com/... Unlike other repos, this one was not written by generative AI. — WIP @opa334@infosec.exchange
Discussion
-
@matteyeux
@matteyeux
on x
Got kernel R/W on an iPad mini 6th gen running iOS 18.6.2 using the in the wild exploit chain darksword [image]
-
@zeroxjf
Johnny
on x
DarkSword payloads have surfaced and appear to be a full iOS 18.4 staged chain with WebContent RCE, SB escape, a kernel PE/KRW bundle, and post-exploit logic for task ops, process injection, and data collection. Not going to publicly link the payloads. Legit researchers can DM me
-
@amfi_d
@amfi_d
on x
I'm reverse-engineering DarkSword and found that it supports 26 iPhone models with only 34,000 offsets. That's crazy.
-
@zeroxjf
Johnny
on x
Update: he's now got the exploit fully working on A15 15.1.1, says offsets hardcoded for that config/you need to supply your own for others.
-
@matteyeux
@matteyeux
on x
@John011235 Real iPad
-
@mastermike88
Michael
on x
For the first time in over two years, there is set to be a new kernel exploit for up to iOS/iPadOS 18.7.1 and 26.0.1 - including the latest EoL versions for 15.x (presumed)/16.x/17.x. [Note: Just like the Coruna kit chain a few weeks ago, stuff here is subject to
-
@zeroxjf
Johnny
on x
Looks like opa334 has extracted the kernel exploit https://github.com/...
-
@evacide
@evacide
on bluesky
If you have an iPhone, today is a good day to make sure you are running the latest software. techcrunch.com/2026/03/23/s...
-
@yuda.org
John Yuda
on bluesky
Seems like apple will go to great lengths to get people to adopt Liquid Glass [embedded post]
-
@kevincollier
Kevin Collier
on bluesky
You really gotta watch this space. I might be wrong, but feels like we're watching a wave starting to crest. Could see mass takeover of old/unpatched iPhones in a way we've never seen before. [embedded post]
-
@lorenzofb
Lorenzo Franceschi-Bicchierai
on bluesky
SCOOP: Someone has found new samples of the iPhone spyware DarkSword and published them on GitHub, putting millions of iOS users at risk. — A cybersecurity researcher told us that the leaked spyware is “way too easy to repurpose” and “we need to expect criminals and others to s…
-
@zackwhittaker.com
Zack Whittaker
on bluesky
NEW: Someone has publicly leaked an exploit toolkit called DarkSword, which allows any hacker or cybercriminal to easily hack iPhones and iPads running iOS 18. — Apple said it is aware & has issued patches. Security researchers have already tested the code as working. — w/ @…