this post was submitted on 23 Mar 2026
102 points (98.1% liked)

cybersecurity

6015 readers
22 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 2 years ago
MODERATORS
shellsharks
tweedge
102
Someone has publicly leaked an exploit kit that can hack millions of iPhones (techcrunch.com)
submitted 1 week ago by cm0002@literature.cafe to c/cybersecurity
12 comments fedilink hide all child comments
top 12 comments
sorted by: hot top controversial new old
[–] Cyber@feddit.uk 27 points 1 week ago* (last edited 1 week ago) (3 children)

Please tell me that the vulnerability is due to government surveilance backdoors

[–] adespoton@lemmy.ca 15 points 1 week ago (1 children)

It appears to be related to exploit code that was sold by a US contractor to a Russian group; the exploits it uses are all patched on recent OS versions, but older versions of iOS 17 and 18 are vulnerable.

[–] RustyShackleford@piefed.social 7 points 1 week ago (3 children)

So cool that Apple stopped making iOS 18 updates for all devices above iPhone XR. /s Forcing users on 11/12/13/14/15/16/17 devices to choose either staying on the more stable 18.7.2 where they were comfortable, or the garbage can of iOS 26. They fixed the DarkSword issue on the XR and select iPads with a 18.8 patch, but refuse to release it for anyone still on 18.7.2, on any device that’s iOS 26 compatible.

[–] reddig33@lemmy.world 9 points 1 week ago

You’re being downvoted, but you’re correct. Apple is probably risking a lawsuit by not shipping an already available security update for all users of iOS 18.

[–] 9tr6gyp3@lemmy.world -4 points 1 week ago

So cool Apple stopped making iOS 2 updates for all devices above iPhone 3G. /s Forcing users on iPhone 1 to choose either staying on the more stable 2.2.1 where they were comfortable, or the garbage can of iOS 3/4/5/6/7/8/9/10/11/12/13/14/15/16/17/18/26.

[–] CIA_chatbot@lemmy.world 12 points 1 week ago

Ummm, it wasn’t me this time, I swear

[–] leviathan@feddit.org 10 points 1 week ago (1 children)

You sure know what news you wanna hear 😄

[–] 9tr6gyp3@lemmy.world 6 points 1 week ago

Its been news before, so there is precedence for that possibility.

[–] plateee@piefed.social 10 points 1 week ago (1 children)

Aww where's the link? I have an old iPhone that my ex-employeer didn't want back - I wouldn't mind playing around with it.

[–] frongt@lemmy.zip 19 points 1 week ago (1 children)

Had to use duckduckgo to find it, but just "darksword site:github.com" worked. It's not showing up in Google results.

https://github.com/htimesnine/DarkSword-RCE

There's also an implementation in objc: https://github.com/opa334/darksword-kexploit

[–] Cyber@feddit.uk 4 points 1 week ago

FYI, you can just use !git or !gh with duckduckgo to focus on github

DuckDuckGo Bangs

(But interesting that Google's filtering results...)