Apple has taken an unusual step after a fresh wave of iPhone hacking incidents raised concerns among users who are not running the latest software. The company, which has long insisted that security fixes come only with the newest iOS version, is now doing something it has mostly avoided – sending critical updates to older versions as well. The change comes after a dangerous exploit called DarkSword started targeting iPhones in real-world attacks.
For years, Apple has followed a simple rule that if you want protection, you update your device to the latest iOS version it supports. Users who preferred staying on older versions, either for familiarity or performance reasons, had little choice. But the DarkSword situation has pushed Apple to act differently, at least for now. Thankfully, Apple has confirmed to Wired that it will release a security update aimed at users running iOS 18. This update is designed to block DarkSword, a hacking technique that can quietly take over certain iPhones when a user visits a compromised website. Devices already running iOS 26 were not affected, but those on iOS 18 were left exposed.
Apple changes its own software update policy
The good thing is that Apple is not limiting this fix to older devices that cannot run the latest software. Even iPhones capable of upgrading to iOS 26 will now receive a patched version of iOS 18. In cybersecurity terms, this is known as backporting, sending security fixes to older software without forcing a full upgrade.
An Apple spokesperson was quoted as saying, “Tomorrow, we are enabling the availability of an iOS 18 update for more devices so users with auto-update enabled can automatically receive important security protections.” At the same time, the company stuck to its usual advice, adding that users should still move to iOS 26 for the best level of protection.
The move follows rising criticism over the past couple of weeks, as DarkSword attacks began to spread. Researchers found that different hacker groups were already using the exploit for activities like surveillance and cryptocurrency theft. In some cases, the malicious code was left openly available on hacked websites, making it easier for others to reuse it.
The situation became more serious when the exploit was uploaded to GitHub, making it widely accessible. Soon after, security firms warned about phishing emails using the same technique. Investigators also found fake websites designed to infect users, including those outside the original target regions.
Despite these risks, many iPhone users had not moved to iOS 26. Some were unhappy with changes like the new “liquid glass” interface, while others faced issues such as app compatibility, storage limits, or region-specific features. For them, updating was not a simple decision.
This left millions in a tough spot, either stick with a familiar version or move to a newer one they may not fully trust. Apple’s latest decision appears to ease that pressure by offering protection without forcing an upgrade.
Security experts, however, feel the response has come a bit late. Some pointed out that users remained at risk for days while the exploit spread. Others argued that such fixes should be a regular practice, especially when threats are already active.
This is also the second time in a month that Apple has taken this route. Earlier, the company released fixes for iOS 17 to deal with another advanced hacking toolkit called Coruna. That case also involved real-world attacks and pushed Apple to respond beyond its usual approach.
