In Saudi Arabia, Turkey, Malaysia, and Ukraine, a new iOS exploit, DarkSword, has been identified as a tool used for surveillance by hackers and suspected state-sponsored actors. Dating back to at least November 2025, the exploit takes advantage of multiple vulnerabilities within Apple's operating system, allowing unauthorized access to sensitive user information. The Google Threat Intelligence Group (GTIC) and iVerify discovered DarkSword and revealed that it can affect numerous users globally, especially those using outdated devices unable to receive the latest updates. This exploit complements another vulnerability known as Coruna, which had been affecting iOS versions 13.0 to 17.2.1. In March 2026, the latest version of DarkSword was leaked on GitHub. Cybersecurity experts have expressed concerns regarding the ease of repurposing these exploits, leading to the potential proliferation of attacks by various hostile actors. As a preventive measure, users are advised to keep their devices up-to-date with the latest versions of iOS or utilize enhanced security settings like 'Lockdown Mode' when updates are not available. Additionally, earlier this month, Apple released iOS 26.4, which included significant fixes and features addressing known user issues, particularly with keyboard accuracy. This update is critical as previous iterations had issues with accidental key registrations, which hampered user experience significantly. The timing of these updates highlights Apple's proactive response to emerging threats while addressing ongoing user complaints.