TI Mindmap HUB
Threat Intelligence Report

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors | Google Cloud Blog

📅 March 18, 2026 📰 cloud.google.com 🔍 6 CVE(s) referenced

A powerful new iOS exploit chain dubbed DarkSword—leveraging multiple zero-days and adopted by commercial surveillance vendors and state-sponsored actors—has rapidly proliferated across global espionage campaigns, enabling full device compromise and widespread data exfiltration until its patching in iOS 26.3.

vendor
CVE-2025-43520, CVE-2025-31277, CVE-2026-20700, CVE-2025-43510, CVE-2025-43529, CVE-2025-14174

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle