Still Using iOS 18? You Absolutely Have to Update Now!

There’s one compelling reason iPhone users still holding off on upgrading to iOS 26 should update right away. A new report from security experts reveals that iPhones on older iOS versions are actively under attack. The only reliable protection is to install the latest update.

Reception to iOS 26 has been mixed, with many iPhone users delaying the upgrade and sticking with iOS 18 due to the Liquid Glass UI. However, skipping the update means missing critical security patches, which leaves devices exposed. Now Apple and Google are sounding the alarm, urging users to update their devices immediately.

Outdated iPhones Are in Danger

The report comes from Google Threat Intelligence Group (GTIG) in collaboration with security firms such as Lookout. These organizations are highlighting a new wave of campaigns that exploit multiple zero-day vulnerabilities for remote targeted attacks. Attackers are deploying a tool called DarkSword, which is linked to another known spyware called Coruna.

DarkSword is highly stealthy spyware that is difficult to detect once it infiltrates a device. Hackers deliver it through fake websites that mimic legitimate apps and services such as Snapchat, often via links shared on messaging platforms. What makes this especially dangerous is that an iPhone user only needs to visit the malicious site and possibly click on it. No further action is required.

Once compromised, the device runs the spyware silently in the background. It spies on the user and steals sensitive information including location data, call logs, messages, photos, Wi-Fi networks, accounts, and passwords. With this information, attackers can go further by draining money from financial apps, cryptocurrency wallets, and bank accounts.

DarkSword is even harder to spot because it self-deletes from the device after completing its tasks rather than lingering. Experts warn that it still leaves vulnerabilities open, allowing other attackers to exploit the same code for additional attacks.

Which Users Are at Risk

DarkSword has reportedly been active since late last year in targeted campaigns in Saudi Arabia, Turkey, Ukraine, and Malaysia. Mercenary groups and entities believed to be based in Russia and China are thought to be responsible for most of these operations.

Although the report does not specifically mention the US or European countries, Apple and Google emphasize that any user on an outdated iOS version remains at risk worldwide.

The affected versions include iOS 18.3 through iOS 18.7. Roughly 25% of iPhone users are still on iOS 18, which means hundreds of millions of devices could potentially be exploited.

Users on vulnerable versions should update to the latest iOS 26 as soon as possible to close these security holes. If compromise is suspected, enabling the Lockdown tool on the iPhone provides an additional layer of protection.

At the same time, basic precautions remain essential: avoid clicking suspicious links, steer clear of unfamiliar websites, update passwords regularly, and consider stronger security options such as passkeys.

What iOS version are you running? Would you trade security to keep the older interface instead of the new Liquid Glass UI? Share your thoughts in the comments.