Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)

Apple released iOS/iPadOS 26.4.2 and 18.7.8 fixing CVE-2026-28950, a Notification Services bug where notifications marked for deletion could be unexpectedly retained and reveal message contents. While Apple did not declare the flaw as exploited, news reports claim the FBI leveraged it to extract Signal messages from a seized device, highlighting risks when secure apps rely on OS notification frameworks.