Why Your iPhone Could Be Exposed to "Plug-and-Play" Hacking Tools

The notion of a truly secure smartphone often rests on the reputation of devices like your iPhone. But imagine sophisticated hacking tools, once used by government spies, now potentially available to anyone and threatening millions of Apple users globally. In the last decade, widespread attacks on iPhones have been incredibly rare, typically only seen targeting specific groups like Uyghur Muslims in China or people in Hong Kong. Now, a new threat has emerged, putting your private data at unprecedented risk.

Key Details

Security researchers have uncovered Coruna and DarkSword, two potent new hacking toolkits targeting Apple customers. These advanced exploits can break into your iPhones and iPads, stealing sensitive data like messages, browser history, location, and cryptocurrency. Coruna affects iOS 13 through iOS 17.2.1, while DarkSword targets more recent versions, specifically iOS 18.4 and 18.7, released in September 2025.

DarkSword is particularly alarming because parts of its code have leaked online on GitHub. This makes it alarmingly easy for anyone, including less sophisticated cybercriminals, to download and launch attacks. As Justin Albrecht, a principal researcher from mobile security firm Lookout, explained to TechCrunch, DarkSword is now "essentially plug-and-play," enabling indiscriminate and dangerous attacks. Merely visiting a compromised website could hack your device and allow hackers to virtually take full control, extracting your private data to their web servers.

Adding concern, some Coruna components originated from Trenchant, a hacking and spyware unit within U.S. defense contractor L3Harris, which sells exploits to the U.S. government and its allies. The fact that such powerful, government-grade tools can leak and proliferate—finding their way to Russian spies, Chinese cybercriminals (Coruna), or targeting users in China, Malaysia, Turkey, Saudi Arabia, and Ukraine (DarkSword)—highlights a significant global security risk, echoing the 2017 NSA exploit leak which led to the devastating WannaCry ransomware attacks.

Why This Matters

The immediate implication for you is the potential exposure of your most private digital information. With DarkSword now readily available online, the barrier to launching sophisticated attacks has dramatically lowered. You don't need to be a high-profile target; visiting the wrong website could be enough. Apple's statistics show nearly one-in-three iPhone and iPad users aren't running the latest iOS 26 software. This means potentially hundreds of millions of devices are vulnerable to these newly leaked, easy-to-deploy hacking tools, since Apple touts more than 2.5 billion active devices around the world.

This situation also highlights a critical systemic issue: the uncontrolled proliferation of powerful hacking tools, even those developed under strict government secrecy. When advanced exploits, initially created for national security, leak onto public code repositories like GitHub, they become weaponized against the general public, posing a global threat to personal security and data integrity. GitHub has stated it preserves such code for "educational value," yet the risk remains significant when malicious actors can easily access these potent tools.

The Bottom Line

Your primary defense against these threats is vigilance and prompt action. Apple has confirmed that users running the latest versions of iOS 15 through iOS 26 are already protected from Coruna and DarkSword. Therefore, if your iPhone or iPad is not up to date, you should update immediately to at least iOS 18.7.6 or iOS 26.3.1, as strongly recommended by iVerify, to mitigate all known vulnerabilities. If upgrading isn't an option for your device, or if you believe you might be a specific target (such as a journalist or human rights activist), consider enabling Lockdown Mode, an extra security feature introduced in iOS 16. While not perfect, there's no public evidence to date that hackers have bypassed its protections. Prioritize your digital security and keep your devices updated.