Apple issued an urgent security bulletin on March 20, 2026 warning that older iPhone models running outdated iOS versions are actively being targeted by a cyberattack framework called DarkSword. An estimated 100 million devices globally are at risk. If your iPhone hasn't been updated recently, this is not a story to skim and forget.
What DarkSword Actually Does to Your iPhone
DarkSword is a web-based attack framework โ meaning it doesn't require you to download anything or click a suspicious link in the traditional sense. The Coruna exploit at its core targets a flaw in how older iOS versions process certain web requests. When your iPhone loads a compromised or malicious webpage, the exploit can execute code on your device without any visible interaction on your part.
Once inside, the attack can access personal data stored on the device, intercept communications, and in more advanced deployments, create persistent access that survives basic security measures. The "web-based" nature makes it particularly dangerous โ there's no obvious warning sign the way there is with phishing emails or fake apps.
Which iPhones Are at Risk
| iPhone Model | Risk Level | What to Do |
|---|---|---|
| iPhone 6s, 7, 8, X | High โ limited update support | Update to latest available iOS; consider upgrading device |
| iPhone XR, XS, 11 series | High if not updated | Update to iOS 17+ immediately |
| iPhone 12, 13 series | Medium if not updated | Update to latest iOS 18 version |
| iPhone 14, 15, 16 series | Low โ if running current iOS | Ensure auto-updates are enabled |
The highest risk group is older iPhones (iPhone 6s through X) that can no longer receive the latest iOS versions. For these devices, the update path is limited โ Apple only supports security patches for a finite number of older iOS versions. If your device is beyond support range, the only complete solution is upgrading to a newer model.
What to Do Right Now โ Step by Step
๐ Protect Your iPhone in the Next 10 Minutes
- Update iOS: Settings โ General โ Software Update โ Download and Install. This is the most important step and fixes the vulnerability completely on supported devices.
- Enable automatic updates: Settings โ General โ Software Update โ Automatic Updates โ turn on both toggles. This ensures future patches install without you needing to remember.
- Avoid unfamiliar websites on unpatched devices: Until you've updated, avoid browsing unknown websites on Wi-Fi networks you don't control (airports, cafes, hotels).
- Check for unusual activity: If your iPhone has been running slowly, showing unexpected pop-ups, or draining battery faster than usual, these can indicate compromise. A factory reset after backing up your data is the cleanest resolution.
- If your iPhone is too old to update: Consider this a signal to upgrade. A device that can no longer receive security patches is a liability, not just a convenience issue.
Why Apple Faces Criticism Over This
Apple's security record is strong compared to most platforms, but this situation highlights a recurring tension in the iPhone ecosystem. Apple stops providing security updates for older devices after a certain point โ typically 5โ6 years after launch. The iPhone 6s, released in 2015, receives no more updates. Users who rely on these devices โ often because they can't afford or don't want to upgrade โ are left with hardware that becomes progressively less secure through no fault of their own.
This has prompted renewed calls from consumer advocacy groups and some regulators for extended security support periods โ a debate that the EU's Right to Repair legislation has started to address, though software update obligations remain less defined than hardware repairability requirements.
For Apple, the DarkSword incident also has a commercial upside: security vulnerabilities on older devices create a legitimate reason for users to upgrade. The company will likely see accelerated upgrades from the long tail of users still on iPhone X and earlier models.
Key Takeaways
- DarkSword is a web-based attack framework targeting older iPhones running outdated iOS โ no download or link click required to be compromised
- Approximately 100 million devices globally are estimated to be at risk
- The fix is straightforward for supported devices: update iOS immediately via Settings โ General โ Software Update
- iPhones too old to receive updates (iPhone 6s era) face no complete software fix โ device upgrade is the only full resolution
Frequently Asked Questions
Q: How do I check if my iPhone has been compromised by DarkSword?
A: There's no definitive user-level check. Warning signs include unusual battery drain, unexpected data usage, slow performance, or unfamiliar apps. If you suspect compromise, back up your data and perform a factory reset, then restore from backup after updating to the latest iOS.
Q: Is this only an iPhone problem or does it affect iPads too?
A: Apple's security bulletin covers iPhones specifically in relation to the DarkSword vulnerability. iPads running similarly outdated iPadOS versions may face related risks โ the same update advice applies: Settings โ General โ Software Update.
Q: My iPhone is too old to update. What should I do until I can afford a new one?
A: Minimise browsing on unknown networks, avoid logging into banking or sensitive accounts on the device, and use mobile data rather than public Wi-Fi when possible. These reduce exposure but don't eliminate the risk โ they're temporary mitigations, not solutions.