Data Security , Privacy , Vulnerability Management , Patch/Configuration Management Apple patches iPhone notification bug after reports of deleted data recovery April 23, 2026 Share By SC Staff (Adobe Stock) As reported by Bleeping Computer, Apple has issued out-of-band security updates for iPhone and iPad devices to address a vulnerability in its notification services. This flaw could lead to notifications that were intended to be deleted being unexpectedly retained on the device. The vulnerability, identified as CVE-2026-28950, was patched on April 22, 2026, in iOS 26.4.2 and iPadOS 26.4.2, as well as in iOS 18.7.8 and iPadOS 18.7.8. Apple stated the fix was implemented through improved data redaction. While Apple has not confirmed if the flaw was actively exploited, the update follows reports from 404 Media detailing how the FBI recovered deleted Signal messages from an iPhone. These messages were reportedly retrieved not from Signal's encrypted storage, but from the iPhone's notification storage, persisting even after the Signal app was removed. This incident highlights potential privacy concerns regarding data persistence on mobile devices, even after user-initiated deletion. While Apple has not linked the update to specific exploits or legal cases, the timing suggests a response to emerging methods of data recovery. Users are advised to install the latest updates to mitigate the risk of deleted notification data being retained. Furthermore, users of privacy-sensitive applications like Signal can configure notification settings to limit the content displayed, reducing the data stored in notification logs. Source: Bleeping Computer SC Staff Related Data Security OpenAI’s Chronicle mirrors Microsoft Recall’s privacy concerns SC Staff April 23, 2026 Chronicle functions by taking screenshots of the user's screen and feeding them to OpenAI's Codex agent to augment its memory with contextual data. Data Security UK ransomware attacks shift to targeted methods, small businesses most affected SC Staff April 23, 2026 Security researchers at SonicWall reported that ransomware actors have moved away from broad, untargeted attacks to more human-operated, "big game hunting" methodologies. Security Operations UK intelligence warns of widespread commercial spyware access by governments SC Staff April 23, 2026 The UK National Cyber Security Centre's report highlights an increase to 100 nations having access to these hacking tools, up from 80 countries estimated last year. Related Events Cybercast Beyond the Hype: The Cybersecurity Trends CISOs are Keeping an Eye on in 2026 On-Demand Event Cybercast Beyond the data perimeter: Why next-generation DSPM is the foundation for modern data security On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Anonymization Biometrics Buffer Overflow Bug Challenge-Handshake Authentication Protocol (CHAP) Checksum Digital Signature Digital Signature Standard (DSS) Discretionary Access Control (DAC) Inference Attack You can skip this ad in 5 seconds