DarkSword, investigated by iVerify and disclosed March 18, 2026, is a mass-exploitation iOS vulnerability delivered via a JavaScript kit on compromised sites. It targets iPhones running iOS 18.4 to 18.7 and has the potential to affect up to 270 million devices.

The main goal is extensive intelligence gathering and mass surveillance. The exploit can exfiltrate sensitive information, such as location history, text messages, and Wi-Fi passwords.

Mobile devices have become the new primary attack surface in the enterprise, shifting from a minor concern to the least-protected endpoint carrying the most risk. Our research confirms that the sophistication of mobile exploitation has escalated, with tools once reserved for nation-state espionage now being used against mass audiences. Ignoring this reality leaves a massive, unaddressed gap in corporate defense.

Attend this webinar to understand the fast evolution of mobile threats, from early malware to sophisticated, nation-state-level commercial spyware. Learn how to integrate critical mobile threat telemetry into your existing security operations.

An overview on the newly announced Coruna exploit, a mobile threat that signals a critical shift in the mobile security landscape.

iVerify, Intel 471, Replica Cyber, Team Cymru, ShadowDragon, and Analyst1 are hosting a private, speakeasy-style happy hour for CISOs and senior security practitioners. Designed for meaningful peer conversation, this off-the-record evening brings together security leaders in an intimate setting just a 5-minute walk from the FS-ISAC venue.

Step away from the sessions and connect with the iVerify team to talk through the real mobile risks financial institutions are facing today.

Come meet the iVerify team and step away from the noise to talk about what’s really changing in enterprise security. Mobile threats are evolving fast, and phones have become one of the hardest attack surfaces to defend.