Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
Critical Microsoft Edge Bug (CVE-2024-XXXX) Lets Attackers Run Code Remotely
July 6, 2026
Windows 11 24H2, 25H2 Bug Triggers Black Screens, Start Menu Failure
July 6, 2026
IBM WebSphere Flaws Let Attackers Exploit XSS, Path Traversal
July 6, 2026
Home/CyberSecurity News/Apple Patches Critical Notification Privacy Flaw in iOS, iPadOS
CyberSecurity News

Apple Patches Critical Notification Privacy Flaw in iOS, iPadOS

Key Takeaways Apple has released urgent security updates for iOS and iPadOS. The patches address a critical privacy flaw (CVE-2026-28950) affecting notification data retention. This vulnerability...

Jennifer sherman
Jennifer sherman
April 23, 2026 3 Min Read
43 0

Key Takeaways

  • Apple has released urgent security updates for iOS and iPadOS.
  • The patches address a critical privacy flaw (CVE-2026-28950) affecting notification data retention.
  • This vulnerability allowed forensic extraction of Signal message content from iPhones, even after the app was deleted.
  • All users of iPhone 11 and later, and a wide range of iPads, should update immediately to iOS 26.4.2 or iPadOS 26.4.2 (or iOS 18.7.8 for older devices).

Apple has rolled out critical security updates, iOS 26.4.2 and iPadOS 26.4.2, on April 22, 2026, to address a significant privacy vulnerability. This flaw enabled law enforcement agencies to recover sensitive Signal message content from iPhones, even when the messaging application had been previously removed from the device.

Table Of Content

  • Key Takeaways
  • Signal Praises Apple’s Swift Response
  • What You Should Do

Designated as CVE-2026-28950, the vulnerability originated from an issue within Apple’s notification logging infrastructure. Notifications designated for deletion were inadvertently retained on devices. This oversight meant that previews of private messages could persist long after users believed they had been permanently erased. Apple has confirmed that it has rectified the underlying problem by enhancing data redaction within its logging framework.

The severity of this vulnerability came to light following a report by investigative news outlet 404 Media. The report detailed an instance where the FBI successfully extracted Signal message notification content from a suspect’s iPhone during a criminal investigation. Critically, this extraction occurred despite Signal no longer being installed on the device. The residual notification previews contained enough legible information to be of forensic value to investigators.

Signal Praises Apple’s Swift Response

Signal, the widely recognized encrypted messaging platform, publicly acknowledged Apple’s prompt action following the disclosure. In a post on X, Signal confirmed that the update not only prevents future notifications from persisting after an app’s deletion but also automatically purges any previously retained notification data from affected devices.

This incident is particularly noteworthy given Signal’s reputation as a leading tool for privacy-conscious communication. The fact that iOS’s own system-level notification mechanisms could inadvertently compromise Signal’s end-to-end encryption underscores the intricate challenges involved in maintaining a robust, device-wide privacy posture.

The security update is applicable to a broad spectrum of Apple hardware, including:

  • iPhone 11 and newer models
  • iPad Pro 12.9-inch (3rd generation and later), 11-inch (1st generation and later)
  • iPad Air 3rd generation and later
  • iPad 8th generation and later
  • iPad mini 5th generation and later

Users operating older devices can also implement the necessary fix via iOS 18.7.8 and iPadOS 26.4.2. The update, identified as Build 23E261 and approximately 670–770 MB in size, is currently available. Users should navigate to Settings > General > Software Update to install the patch immediately.

What You Should Do

  • Update Immediately: Install iOS 26.4.2 or iPadOS 26.4.2 without delay. For older devices, apply iOS 18.7.8.
  • Verify Installation: After updating, confirm that the new software version is successfully installed on your device.
  • Regular Updates: Always ensure your devices are running the latest operating system versions to benefit from critical security patches.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

CVEPatchSecurityVulnerability

Share Article

Jennifer sherman

Jennifer sherman

Jennifer is a cybersecurity news reporter covering data breaches, ransomware campaigns, and dark web markets. With a background in incident response, Jennifer provides unique insights into how organizations respond to cyber attacks and the evolving tactics of threat actors. Her reporting has covered major breaches affecting millions of users and has helped organizations understand emerging threats. Jennifer combines technical knowledge with investigative journalism to deliver in-depth coverage of cybersecurity incidents.

Previous Post

Checkmarx KICS Docker Image Compromised to Inject Malware

Next Post

Critical Pack2TheRoot Flaw Lets Attackers Gain Root Access

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical ModSecurity Flaws Let Attackers Bypass Firewall Rules
July 6, 2026
Moody Bible Institute Data Breach Exposes 2.3 Million Users’ Personal Data
July 6, 2026
RedLine Stealer C2 Uses 7 Fraudulent Domains in Maritime Phishing Attacks
July 6, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
David kimber
David kimber
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us