TA446, a known threat group, has been caught using the newly discovered exploit kit DarkSword to go after iOS users This article explores ta446 known threat. . This change in the group's tactics is big because TA446's previous actions showed no signs of using exploit kits at all.
Around March 26, 2026, the campaign came to light when people saw the group pretending to be the Atlantic Council, a well-known international affairs group, to get people to click on bad links. The size of the email campaigns and the fact that they used the name of a well-known organization as a cover suggest that the group is becoming more organized and careful about who it chooses to target and how it goes about doing so.
People and groups are strongly advised not to click on links in emails that they didn't expect to get, even if those emails seem to come from trusted sources. One of the easiest ways to protect yourself from known exploits is to keep your iOS devices up to date with the latest version. Security teams should also keep an eye out for any network traffic that goes through proxy settings that aren't normal.
At the network level, it is also a good idea to flag and block the known malicious domains that are connected to this campaign right away. To get more instant updates, make ZeroOwl your preferred source in Google, LinkedIn, and X.
Click here to learn more about how to make ZeroOwl your preferred source in Google, LinkedIn, or X to get more instant updates. You can find out more about ZeroOwl by going to the company's official website at www.csn.com. You can get private help from the Samaritans by calling 08457 90 90 90 or going to a local Samaritans branch.
For more information, visit www.samaritans.org. If you need help in the U.S., call the National Suicide Prevention Lifeline at 1-800-273-8255.
