The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three iOS vulnerabilities that threat actors are actively exploiting using the DarkSword exploit kit. The flaws have been leveraged in attacks targeting cryptocurrency theft and cyberespionage operations, prompting CISA to add them to its Known Exploited Vulnerabilities catalog.
The directive affects all U.S. government agencies, which must implement patches or mitigations within the specified timeframe. CISA's binding operational directive requires federal civilian executive branch agencies to address these vulnerabilities due to evidence of active exploitation in the wild.
The DarkSword exploit kit represents a sophisticated threat tool capable of targeting iOS devices for malicious purposes. The specific attack vectors involve compromising mobile devices to facilitate unauthorized access to cryptocurrency assets and conduct espionage activities against targeted victims.
Agencies must patch the affected iOS versions or implement appropriate mitigations to protect against these exploits. The timeline for remediation follows CISA's standard vulnerability disclosure and patching requirements for federal systems.
The discovery and cataloging of these vulnerabilities highlights the ongoing threat landscape facing mobile devices, particularly iOS systems used by government personnel and high-value targets in cryptocurrency and sensitive sectors.