![Hon. Festus Keyamo SAN arrives MMIA past 11:50 p.m. Feb 23 to lead oversight of Terminal 1 fire. Joined FAAN MD & team actively managing situation. Directed morning inspection Tuesday to guide restoration & confirm safety standards. Reaffirmed focus on passenger safety. Story: [link] #KeyamoMMIA #FireIncident #FAAN](https://fullcliphq.com/wp-content/uploads/2026/02/mym-150x150.jpg "MMIA Fire: Keyamo Inspects Lagos Airport After Terminal 1 Blaze Disrupts Flights")
Security researchers from Google, Lookout and iVerify have jointly disclosed the discovery of “Darksword,” a highly advanced spyware tool capable of compromising iPhones through malicious websites, putting hundreds of millions of users worldwide at risk of data theft and surveillance.
The malware was identified in active campaigns targeting individuals in Saudi Arabia, Turkey, Malaysia and Ukraine, according to the March 20, 2026, joint report. Attackers embedded Darksword in components of legitimate websites – including Ukrainian online news outlets and at least one government agency site – to silently harvest sensitive information from visitors’ devices. Once installed, the spyware can extract personal data, monitor activity, and potentially drain cryptocurrency wallets or compromise other high-value assets.
Justin Albrecht, principal researcher at Lookout, described the finding as evidence of a “verified pipeline” through which recent iOS exploits are being transferred from commercial vendors to potentially criminal actors with financial motives. The report notes that Darksword operates alongside another recently discovered iPhone spyware called Coruna, revealed on March 3, 2026. Together, these tools form a potent threat to user privacy and financial security.
While Apple’s latest iOS versions are not affected, Darksword remains effective against iOS 18. As of February 2026, nearly a quarter of all active iPhones worldwide were still running this older operating system, leaving a substantial user base exposed. The researchers urged immediate updates to the latest iOS release, along with vigilance against suspicious links and websites.
This disclosure follows a pattern of high-profile iPhone vulnerabilities exploited in recent years. In May 2025, Apple issued an urgent update after researchers from Tel Aviv-based firm Oligo identified 23 flaws in the AirPlay protocol and its SDK, which could allow attackers on the same Wi-Fi network to take control of compatible devices and stream or access content without authorisation.
Earlier, in February 2025, Apple warned of “extremely sophisticated” attacks that disabled USB Restricted Mode on locked devices, potentially enabling forensic data extraction. These incidents underscore the persistent targeting of iOS devices by both state-linked actors and commercial spyware vendors.
Apple has not yet issued a specific advisory tied to Darksword, but the company routinely encourages users to keep software updated and enable features such as Lockdown Mode for high-risk individuals. Cybersecurity experts recommend avoiding unknown websites, using strong, unique passcodes or biometric authentication, and monitoring device behaviour for signs of compromise.
The emergence of Darksword highlights ongoing challenges in securing mobile ecosystems against zero-click and web-based exploits, particularly as spyware proliferates beyond state actors into criminal hands. With millions of iPhones in circulation across the targeted regions and globally, the incident serves as a stark reminder of the need for prompt patching and heightened user awareness.