iOS Flaw Exposes ‘Deleted’ Message Data Through Notifications – Patch Now! (iOS 26.4.2 and iOS 18.7.8) – Bitdefender

April 23, 2026
Apple has rolled out emergency security updates to fix a privacy flaw that allowed “deleted” notification data—including message previews from encrypted apps like Signal—to persist on iPhones and be recovered later.
The issue, now patched in iOS 26.4.2 and older supported versions, drew attention after reports that U.S. investigators were able to extract supposedly deleted Signal messages from a suspect’s device—not by breaking encryption, but by accessing the iPhone’s notification database.

The bug gained popular attention after a 404 Media report revealed that the FBI had recovered Signal messages from an iPhone tied to a criminal investigation:
The messages were not pulled from Signal itself. Instead, investigators extracted them from the device’s notification database, where message previews had been stored. In fact, the Signal app had been deleted from the device before investigators extracted the message contents.
Because these previews can include some message content, they effectively created a secondary record of conversations—one that persisted even after the messages were deleted or the Signal app was uninstalled.

Apple has released iOS 26.4.2 and iOS 18.7.8 to address the issue.
According to Apple’s security advisory, the flaw meant that notifications “marked for deletion could be unexpectedly retained on the device.”
While these notifications disappear from the user interface, their contents—possibly including message text, login codes, or other sensitive data from any app—could remain stored internally due to a logging issue.
Apple says the issue has now been addressed through improved data redaction, ensuring that deleted notifications are no longer recoverable.

“We are very happy that today Apple issued a patch and a security advisory,” the private messaging service said in a post on X. “This comes following @404mediaco reporting that the FBI accessed Signal message notification content via iOS despite the app being deleted.”
The company said “no action is needed for this fix to protect Signal users on iOS.” While it’s true that Signal itself requires no amendment to address this issue, users still have to manually deploy the iOS update that delivers the fix.
“Once you install the patch, all inadvertently-preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications,” Signal added. “We’re grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue. It takes an ecosystem to preserve the fundamental human right to private communication.”

As we regularly warn, even if you’re not a high-risk individual, it’s a good idea to stay up to date with the latest security patches — you never know when you trip a wire and become a target.
As of today, you want to be on iOS 26.4.2 or iOS 18.7.8 (even if you don’t use Signal).
If you haven’t updated your iPhone in a while, now’s a good time to do so.
Besides addressing this nasty flaw, this week’s update packs fixes for security holes exploited in widespread espionage and crypto theft.
For peace of mind, run an independent security solution on all your personal devices. Keep the trusty Lockdown Mode toggle handy if you have reason to believe hackers might target you.

To prevent Signal from storing message content, you must focus on on-device storage, as Signal does not store message content on its servers. Because Signal stores messages locally, you need to use disappearing messages and limit storage history, then turn off notification previews. 
Here are the specific methods to prevent Signal from storing message content:
1. Enable Disappearing Messages – removes messages automatically from both ends of a conversation.
2. Configure Local Storage Management – limits how much message history is kept on your phone. 
3. Change notification settings – prevents authorities from recovering messages from iPhone notification logs.
Remember, Signal messages are encrypted on your device. These steps merely ensure they are not retained (stored) permanently.
You may also want to read:
Apple Patches Older iPhones Against ‘Coruna’ Hacks Used in Espionage and Crypto Theft
Fake WhatsApp Clone Used in Spyware Campaign, Meta Warns
Apple Debuts ‘Background Security Improvements’ with Urgent WebKit Fix for iPhone and Mac – Here’s How to Enable the Feature
tags
Filip has 17 years of experience in technology journalism. In recent years, he has focused on cybersecurity in his role as a Security Analyst at Bitdefender.

source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.