DarkSword iOS exploit kit leaked on GitHub - hundreds of millions of unpatched iPhones at risk (CVE-2026-20700)

A government-grade iPhone hacking toolkit called DarkSword was leaked on GitHub on March 23 - and researchers say it's trivially easy to use. Written entirely in HTML and JavaScript, anyone can host it and hack iPhones running iOS 18.4 through 18.7.1. It chains six vulnerabilities including three zero-days for full device takeover, stealing messages, location data, and crypto wallets. Roughly a quarter of all iPhones remain on vulnerable versions.

Check

Check all company iPhones and iPads for outdated iOS versions.

Affected

iOS 18.4 through 18.7.1. Also iOS 13 through 17.2.1 via the related Coruna exploit kit.

Fix

Update to iOS 18.7.2 or later (or iOS 26.3). Enable Lockdown Mode on high-risk devices. Push MDM policies to enforce updates.