DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses | CyberScoop<\/title> <meta name=\"description\" content=\"Leaked DarkSword spyware on GitHub threatens hundreds of millions of iPhones running iOS 18. Security experts warn the exploit kit could democratize iPhone hacking.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/darksword-iphone-spyware-leak-ios-18-exploit-threat\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"DarkSword's GitHub leak threatens to turn elite iPhone hacking into a tool for the masses\"> <meta property=\"og:description\" content=\"Leaked DarkSword spyware on GitHub threatens hundreds of millions of iPhones running iOS 18. Security experts warn the exploit kit could democratize iPhone hacking.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/darksword-iphone-spyware-leak-ios-18-exploit-threat\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-03-24T21:34:03+00:00\"> <meta property=\"article:modified_time\" content=\"2026-03-24T21:34:05+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Tim Starks\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@timstarks\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1773246214g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1772477397g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1773271249g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/88396\"><meta name=\"generator\" content=\"WordPress 6.8.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=88396\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdarksword-iphone-spyware-leak-ios-18-exploit-threat%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdarksword-iphone-spyware-leak-ios-18-exploit-threat%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-88396 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/darksword-iphone-spyware-leak-ios-18-exploit-threat\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.29057187017\">\n<div class=\"single-article__header-content\" readability=\"35.695020746888\">\n<p> Cybersecurity researchers say the GitHub leak threatens to “democratize” iPhone exploits that were once reserved for nation-states, potentially putting hundreds of millions of iOS 18 devices at risk. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/88396\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Apple iOS update screen is seen displayed on a phone screen in this illustration photo taken in Krakow, Poland on Sept. 17, 2025. (Photo by Jakub Porzycki\/NurPhoto) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"75.404321885914\"><body readability=\"155.18298404754\"><\/p>\n<p>Leaked iOS spyware has some cybersecurity professionals raising urgent alarms about potential mass iPhone compromises, a development that pairs ominously with the recent discovery of two sophisticated iOS exploit kits.<\/p>\n<p>At the same time, some other experts say Apple\u2019s defensive features for iPhones remain elite. But several factors have created unprecedented circumstances: the public accessibility of a version of DarkSword, shortly after the discovery of the <a href=\"https:\/\/cyberscoop.com\/second-ios-exploit-kit-emerges-from-suspected-russian-hackers-using-possible-u-s-government-developed-tools\/\">original version<\/a> of DarkSword and the earlier discovery of a similar kit known as <a href=\"https:\/\/cyberscoop.com\/coruna-ios-exploit-kit-leaked-us-framework\/\">Coruna<\/a>, and a growing market for iPhone exploits driven by their high value as targets.<\/p>\n<p>Allan Liska, field chief information security officer at Recorded Future, said he was worried about what the leaked DarkSword version could do to \u201cdemocratize\u201d iPhone exploits.<\/p>\n<p>\u201cRight now, iPhone exploitations are among the most expensive to research\/implement so they have been, largely, the realm of nation-states,\u201d he said. \u201cIf anyone can exploit an iPhone, suddenly something that has managed to be relatively secure now is a much bigger attack surface.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Google, iVerify and Lookout released research last week on DarkSword\u2019s discovery, centered on Ukraine. Google also said it saw targeting in Saudi Arabia, Turkey and Malaysia. And that was before a version turned up on GitHub, a development TechCrunch <a href=\"https:\/\/techcrunch.com\/2026\/03\/23\/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones\/\">first reported<\/a> and Google and iVerify have analyzed. (The week before, iVerify and Google uncovered Coruna. Google declined to comment further for this story.)<\/p>\n<p>\u201cIt\u2019s extremely alarming that this leaked out on GitHub,\u201d said Rocky Cole, co-founder of iVerify. \u201cI would assume that it\u2019s being used all around the world, and including here in the United States.\u201d<\/p>\n<p>Hundreds of millions of iPhones running iOS 18 could be vulnerable to DarkSword.<\/p>\n<p>\u201cI think that the top line issues here are pretty clear: people who have devices that are vulnerable should upgrade ASAP,\u201d said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation. \u201cIt is very likely that these vulnerabilities are being used right now to exploit vulnerable devices at scale, which is unusual for Apple products.\u201d<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-the-propagation-problem\">The propagation problem<\/h3>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Coruna was concerning enough for Apple that it took the rare step of backporting security updates to still older versions of iOS, Cole said. The fear, he said, was that it might be wormable \u2014 capable of spreading from one device via text message to everyone in a phone\u2019s contact list.<\/p>\n<p>But Cole said Apple hasn\u2019t released similar security-focused updates to iOS 18, for reasons he doesn\u2019t know.<\/p>\n<p>Apple has emphasized the patches it has issued, urged users to update their phones and touted Lockdown Mode as a defense against spyware.<\/p>\n<p>\u201cApple devices are designed with multiple layers of security in order to protect against a wide range of potential threats, and every day Apple\u2019s security teams around the world work tirelessly to protect users\u2019 devices and data,\u201d said Apple spokesperson Sarah O\u2019Rourke. \u201cKeeping your software up to date is the single most important thing you can do to maintain the security of your Apple products, and devices with updated software were not at risk from these reported attacks.\u201d<\/p>\n<p>IPhones\u2019 widespread use makes them high-value targets, fueling a thriving market for exploits. Coruna and DarkSword are indicators of this growing demand. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cIt\u2019s time for organizations to start thinking of mobile security the way they think about desktop security, which is to say everyone knows how to secure their laptop,\u201d Cole said. And for iPhone exploit hunting in particular, \u201cyou\u2019re starting to see people do it at a mass level.\u201d Furthermore, the resale market is such that exploits that once were exclusive are no longer, and AI makes it even easier to customize them in the code, he said. <\/p>\n<p>DarkSword has drawn federal attention: The Cybersecurity and Infrastructure Security Agency this week added vulnerabilities that DarkSword exploits to the list that federal agencies <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/03\/20\/cisa-adds-five-known-exploited-vulnerabilities-catalog\">must patch<\/a>.<\/p>\n<p>The number of people still using iOS 18 is large, up to 25% of all iPhones. Cole said several factors are contributing to that, such as users being leery of iOS 26\u2019s onboard artificial intelligence or the Liquid Glass interface.<\/p>\n<p>Said Galperin: \u201cThere are many reasons why people do not keep their devices up to date, so when I tell people \u2018just patch your stuff\u2019 I think it is important to realize that there are circumstances under which this is easier said than done.\u201d<\/p>\n<h3 class=\"wp-block-heading\" id=\"h-proven-defenses-despite-expanding-risks\">Proven defenses despite expanding risks<\/h3>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Despite the concerns, Cole credited iPhone for its high security standards, in particular for its app store.<\/p>\n<p>For Natalia Krapiva, senior tech-legal counsel at Access Now, a key takeaway is the worrisome proliferation of commercial spyware and cyber intrusion capabilities.<\/p>\n<p>\u201cThis is exactly what human rights activists and digital security researchers have been warning governments and companies about: In the absence of effective regulation for the industry, these exploits will get out and end up in the hands of adversaries like Russia, China, Iran, or, as in the case of DarkSword, leaked online for any criminal to use,\u201d she said.<\/p>\n<p>On the other hand, Apple\u2019s Lockdown Mode and <a href=\"https:\/\/cyberscoop.com\/apple-memory-integrity-enforcement-iphone-ios-anti-spyware\/\">Memory Integrity Enforcement<\/a> are top-notch defensive measures, Krapiva said. We\u2019ve yet to see a Lockdown Mode-enabled iPhone being infected with spyware, she said.<\/p>\n<p>\u201cI think we\u2019ll keep seeing more attempts to exploit both Apple and Android devices as they improve their software and hardware security,\u201d she said. \u201cIt\u2019s the old cat-and-mouse game.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Adam Boynton, senior enterprise strategy manager at Jamf, said what\u2019s happened with Coruna and DarkSword is evidence of Apple\u2019s success.<\/p>\n<p>\u201cWhat\u2019s encouraging here is that Apple\u2019s security model works,\u201d he said. \u201cCoruna skips devices running the latest iOS versions and avoids those with Lockdown Mode enabled entirely. That\u2019s a strong validation of the defences Apple has built.<\/p>\n<p>\u201cDarkSword reinforces the same principle,\u201d he continued. \u201cWhere Coruna targeted older iOS versions, DarkSword demonstrates that even relatively current releases can be targeted by determined actors. Apple moved quickly to patch the vulnerabilities involved, and devices running the latest iOS are protected.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\" readability=\"7.7216117216117\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/03\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses-1.jpg?w=640&ssl=1\" alt=\"Tim Starks\"> <\/figure>\n<\/p><\/div>\n<div class=\"author-card__details\" readability=\"10.901098901099\">\n<h4 class=\"author-card__name\">Written by Tim Starks<\/h4>\n<p> Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he’s covered cybersecurity since 2003. Email Tim here: <a href=\"mailto:tim.starks@cyberscoop.com\">tim.starks@cyberscoop.com<\/a>. <\/div>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/darksword-iphone-spyware-leak-ios-18-exploit-threat\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DarkSword’s GitHub leak threatens to turn elite iPhone hacking into<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2044,303,6091,282,452,6213,2977,387,3586,305,3261,3071,2287,6110,2290,482,310,288,2291,354,6277],"tags":[2049,307,6094,286,454,6214,2979,391,3588,309,3262,3073,2296,6115,2299,484,311,294,2300,358,6278],"class_list":["post-8467","post","type-post","status-publish","format-standard","hentry","category-access-now","category-apple","category-coruna","category-cybercrime","category-cybersecurity-and-infrastructure-security-agency-cisa","category-darksword","category-federal-it","category-google","category-ios","category-iphone","category-iverify","category-jamf","category-lookout","category-malaysia","category-saudi-arabia","category-spyware","category-technology","category-threats","category-turkey","category-ukraine","category-worm","tag-access-now","tag-apple","tag-coruna","tag-cybercrime","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-darksword","tag-federal-it","tag-google","tag-ios","tag-iphone","tag-iverify","tag-jamf","tag-lookout","tag-malaysia","tag-saudi-arabia","tag-spyware","tag-technology","tag-threats","tag-turkey","tag-ukraine","tag-worm"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/access-now\/\" rel=\"category tag\">Access Now<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/apple\/\" rel=\"category tag\">Apple<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/coruna\/\" rel=\"category tag\">Coruna<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/darksword\/\" rel=\"category tag\">Darksword<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/federal-it\/\" rel=\"category tag\">Federal IT<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google\/\" rel=\"category tag\">Google<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ios\/\" rel=\"category tag\">iOS<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/iphone\/\" rel=\"category tag\">iPhone<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/iverify\/\" rel=\"category tag\">iVerify<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/jamf\/\" rel=\"category tag\">Jamf<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/lookout\/\" rel=\"category tag\">Lookout<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/malaysia\/\" rel=\"category tag\">Malaysia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/saudi-arabia\/\" rel=\"category tag\">Saudi Arabia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/spyware\/\" rel=\"category tag\">spyware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/turkey\/\" rel=\"category tag\">Turkey<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ukraine\/\" rel=\"category tag\">Ukraine<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/worm\/\" rel=\"category tag\">worm<\/a>","tag_info":"worm","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8467","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8467"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8467\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8467"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8467"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8467"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8467,"date":"2026-03-24T16:34:03","date_gmt":"2026-03-24T21:34:03","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=88396"},"modified":"2026-03-24T16:34:03","modified_gmt":"2026-03-24T21:34:03","slug":"darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/03\/24\/darkswords-github-leak-threatens-to-turn-elite-iphone-hacking-into-a-tool-for-the-masses\/","title":{"rendered":"DarkSword\u2019s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses"},"content":{"rendered":"