The public leak of the DarkSword iOS exploitation tool places iPhone credential harvesting and data exfiltration capability — including iOS keychain access — in the hands of low-skill threat actors targeting devices running iOS 18 and earlier. Apple has issued security updates for older devices in response, though no CVE identifiers have been confirmed in available source data. Organizations should immediately audit iOS device compliance via MDM, push available patches, and rotate enterprise credentials stored on or accessible from unpatched iOS devices; the primary risk is enterprise credential theft enabling lateral movement rather than direct iOS device compromise as an end goal.