Researchers from Google LLC, Lookout Inc., and iVerify Inc. have identified a zero-day exploit chain named DarkSword affecting iOS 18. The vulnerability allows hackers to bypass security measures and steal data from apps like iMessage, WhatsApp, and crypto wallets.
DarkSword uses two zero-day flaws: a memory corruption flaw in Safari's JavaScriptCore and a Pointer Authentication Code (PAC) bypass. The exploit chain infects users through compromised websites, embedding malicious HTML and JavaScript files that install payloads.
Google warns that other threat actors may also be using DarkSword. Affected users can mitigate the risk by enabling Lockdown Mode or updating to newer iOS versions. Apple has released patches for older devices.