Apple Patches Critical Notification Privacy Flaw in iOS, iPadOS
Key Takeaways Apple has released urgent security updates for iOS and iPadOS. The patches address a critical privacy flaw (CVE-2026-28950) affecting notification data retention. This vulnerability...
Key Takeaways
- Apple has released urgent security updates for iOS and iPadOS.
- The patches address a critical privacy flaw (CVE-2026-28950) affecting notification data retention.
- This vulnerability allowed forensic extraction of Signal message content from iPhones, even after the app was deleted.
- All users of iPhone 11 and later, and a wide range of iPads, should update immediately to iOS 26.4.2 or iPadOS 26.4.2 (or iOS 18.7.8 for older devices).
Apple has rolled out critical security updates, iOS 26.4.2 and iPadOS 26.4.2, on April 22, 2026, to address a significant privacy vulnerability. This flaw enabled law enforcement agencies to recover sensitive Signal message content from iPhones, even when the messaging application had been previously removed from the device.
Table Of Content
Designated as CVE-2026-28950, the vulnerability originated from an issue within Apple’s notification logging infrastructure. Notifications designated for deletion were inadvertently retained on devices. This oversight meant that previews of private messages could persist long after users believed they had been permanently erased. Apple has confirmed that it has rectified the underlying problem by enhancing data redaction within its logging framework.
The severity of this vulnerability came to light following a report by investigative news outlet 404 Media. The report detailed an instance where the FBI successfully extracted Signal message notification content from a suspect’s iPhone during a criminal investigation. Critically, this extraction occurred despite Signal no longer being installed on the device. The residual notification previews contained enough legible information to be of forensic value to investigators.
Signal Praises Apple’s Swift Response
Signal, the widely recognized encrypted messaging platform, publicly acknowledged Apple’s prompt action following the disclosure. In a post on X, Signal confirmed that the update not only prevents future notifications from persisting after an app’s deletion but also automatically purges any previously retained notification data from affected devices.
This incident is particularly noteworthy given Signal’s reputation as a leading tool for privacy-conscious communication. The fact that iOS’s own system-level notification mechanisms could inadvertently compromise Signal’s end-to-end encryption underscores the intricate challenges involved in maintaining a robust, device-wide privacy posture.
The security update is applicable to a broad spectrum of Apple hardware, including:
- iPhone 11 and newer models
- iPad Pro 12.9-inch (3rd generation and later), 11-inch (1st generation and later)
- iPad Air 3rd generation and later
- iPad 8th generation and later
- iPad mini 5th generation and later
Users operating older devices can also implement the necessary fix via iOS 18.7.8 and iPadOS 26.4.2. The update, identified as Build 23E261 and approximately 670–770 MB in size, is currently available. Users should navigate to Settings > General > Software Update to install the patch immediately.
What You Should Do
- Update Immediately: Install iOS 26.4.2 or iPadOS 26.4.2 without delay. For older devices, apply iOS 18.7.8.
- Verify Installation: After updating, confirm that the new software version is successfully installed on your device.
- Regular Updates: Always ensure your devices are running the latest operating system versions to benefit from critical security patches.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.



No Comment! Be the first one.