AI Summary
Google's Threat Intelligence Group, along with Lookout and iVerify, revealed Dark Sword last week: a sophisticated iPhone exploit chain linked to Russian espionage group UNC 6353. Developed since November 2025, it chains six vulnerabilities, three of them previously unknown zero-days, for silent device takeover. This morning in March 2026, its full code leaked publicly on GitHub, shifting it from a costly nation-state and dark web tool to a free download for any criminal.
Background and Proliferation
Dark Sword emerged March 19, 2026, in coordinated research, mirroring an earlier UNC 6353 exploit called Corona. Traced from Russian hackers, it spread to Chinese cybercriminals, a Turkish firm (PARS Defense) targeting Turkey and Malaysia, and secondary markets with financial motives. Before the leak, it was licensed and resold; now, anyone can access, modify, and deploy it. Researchers noted that large language models were used to customize it and Corona, lowering barriers for attacks using widely available AI tools.
No confirmed U.S. attacks yet, but 296 million unpatched iPhones remain vulnerable here—the largest concentration worldwide. Geopolitical targets like Ukraine and Saudi Arabia differ from financial criminals' priorities: U.S. devices linked to corporate data.
What you'll learn
- 1 (01:15) **Dark Sword Exploit Overview and Leak**
- 2 (03:23) **Background and Discovery**
- 3 (06:19) **How the Attack Works**
- 4 (08:04) **Malware Payloads**
- 5 (09:11) **AI's Role in Development**
- 6 (10:51) **Why US Businesses Must Act**
- 7 (12:43) **BYOD Risks and Policy Fixes**
Show Notes
This episode dives deep into the recent availability of Dark Sword, a potent zero-click attack tool previously used by Russian intelligence and now accessible to criminals. We discuss the severe implications for cybersecurity as this zero-day exploit, requiring no download, offers unfettered access to mobile devices. Join us to understand the risks of phone hacking and how it impacts your digital safety.
Chapters
00:00 Russian Intelligence Exploit Goes Public on GitHub
02:13 Dark Sword Exposed: Google Confirms Zero-Click iPhone Attack
04:36 How Dark Sword Silently Steals Everything in Two Minutes
07:03 AI-Powered Malware Customization: The New Normal
09:29 296 Million Vulnerable iPhones: Why US Businesses Are Next
11:55 Personal iPhones Accessing Company Data: Your Biggest Gap
14:21 Emergency BYOD Policy: Five Requirements You Need Today
Dive Deeper:
🔗 Website: https://cybercrimejunkies.com
📰 Chaos Newsletter: https://open.substack.com/pub/chaosbrief
✅ LinkedIn: https://www.linkedin.com/in/daviddmauro/