If you have an iPhone model that's several years old and you don't usually pay attention to software update notifications, it's time to sound the alarm. Google's security research team has just revealed a critical threat that directly puts your personal information at risk.

This is a recently discovered severe vulnerability that allows hackers to take complete control of Apple phones that lack the latest security patches.

This finding is particularly alarming due to its level of sophistication and because it directly penalizes users who have fallen behind in the update ecosystem.

What Google Discovered About the Dangerous DarkSword Virus on iPhone

Google's Threat Intelligence Group uncovered a sophisticated exploit chain they have dubbed DarkSword. This cyberattack works by chaining together multiple system vulnerabilities to compromise the iPhone's kernel.

This means that attackers gain the highest possible privileges on your phone and can access everything you do without any restrictions.

This threat is not an isolated case and comes shortly after the discovery of another similar attack known in the cybersecurity world as Coruna. Google's research indicates that DarkSword is being used by both commercial surveillance companies and state-sponsored actors. So far, these groups have been detected silently deploying the attack against specific targets in countries such as Saudi Arabia, Turkey, Malaysia, and Ukraine. Once the attack successfully infiltrates the phone, it proceeds to covertly install a series of malicious payloads. These spyware programs include GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER.These tools grant cybercriminals deep and persistent access to user information without the victim noticing anything unusual in their device's daily performance.

Why Your Old iPhone Is at Risk and How This Attack Works

The most worrying aspect of DarkSword is its silent infection method. Cybercriminals don't need physical access to your phone or to convince you to install a suspicious file via text message. The attack is distributed through compromised websites or fake pages specifically designed to trick users.

When you visit one of these pages from an iPhone with outdated software, the malicious code exploits security vulnerabilities in the Safari browser and the WebKit engine to quickly infiltrate the system. Google researchers, in coordination with renowned security firms such as Lookout and iVerify, have identified that DarkSword exploits at least six specific security flaws that have already been patched in more recent versions of the operating system, such as iOS 18 and the recent iOS 26. If you're one of those who think that web attacks can't do real damage to a mobile phone, this discovery proves otherwise. Internet browsing becomes a minefield when the operating system lacks the modern defenses that Apple incorporates in its routine updates to block malicious domains.

What you should do right now if you have a device that isn't updated

Apple's response to this serious threat was swift, and the company published an urgent support document to protect its users from web-based attacks. Apple confirmed that devices running the latest versions, from iOS 15 to the current iOS 26, are already natively protected against this exploit chain.

On March 11, Apple released a special software update for iOS 15 and iOS 16 designed to extend this critical protection to older devices. If your phone is still running iOS 13 or iOS 14, the company warns that it is strictly necessary to update to iOS 15 to receive these defenses, and in the coming days, you will receive an alert on your screen to install a security quick response. For users who are technically unable to update, Apple strongly recommends considering enabling Lockdown Mode. This extreme security feature drastically reduces the phone's capabilities and blocks many common navigation functions.but it represents a highly effective barrier to protect your data against malicious web attacks when no software patches are available.