Breaking: Apple has released emergency iOS updates—26.4.2 for iPhone 11 and newer and 18.7.8 for older models up to iPhone XR through iPhone 16e and various iPads—to fix CVE-2026-28950, a flaw in Notification Services that could cause deletion-marked notifications to linger on devices.

The flaw came to light after reports that the FBI accessed Signal messages from an iPhone using stored notification data, underscoring a gap between app encryption and OS-level data handling.

Security researchers note that the issue affects multiple iOS versions, with DarkSword and other threats prompting broader protections across affected devices.

German authorities urge users to be vigilant about out-of-band verification and the risks of unexpected invitations in supposedly secure environments to counter social engineering.

Apple and independent security commentators warn that notifications can leak data, so minimizing notification data is prudent even beyond this update.

Experts encourage limiting what appears in notifications and staying privacy-conscious about content across apps, even as updates reduce data leakage.

The article links to original sources and includes disclosure about the writer’s sources and potential affiliate relationships.

There is no public proof-of-concept or exploit sample disclosed, and no known network indicators tied to the vulnerability at publication.

Users are advised to update immediately via Settings > Software Update to protect against the vulnerability and potential data exposure in notifications.

Additionally, users are urged to update promptly to mitigate the described risk.

Meta is testing a paid WhatsApp Plus beta for Android, offering customization and extended features while core functions remain free, signaling diversification into AI and new revenue models.

German authorities warn state-sponsored hacker groups from Moscow target encrypted messaging apps using phishing and fake security alerts, affecting platforms like WhatsApp and Signal.