Apple Patches iOS Vulnerability Used by FBI to Access Deleted Signal Messages

Apple has deployed a security patch to resolve a bug that permitted the FBI to extract readable previews of Signal messages from an iPhone's notification database. The vulnerability existed even in cases where users had enabled disappearing messages or had completely deleted the Signal application from their devices. The issue highlights a significant gap between application-level end-to-end encryption and operating system-level data retention. While Signal secures the transmission of messages, the iOS notification system cached previews that remained accessible to forensic tools used by law enforcement, effectively bypassing the app's privacy protections. The flaw came to light through unsealed documents from a Texas federal court involving an FBI investigation into an attack on the Prairieland ICE Detention Facility. These documents revealed that forensic extraction could recover cached notifications that were marked for deletion but unexpectedly retained by the device. Following the disclosure, Signal President Meredith Whittaker called for a rapid resolution, noting that notifications for deleted messages should not remain in any OS database. Telegram co-founder Pavel Durov also commented on the risk, suggesting that apps should force the absence of notification previews to ensure total privacy. Apple's security advisory confirmed that the bug allowing notifications to be unexpectedly retained has been fixed in the latest iOS release. This update ensures that data marked for deletion is properly purged from the device's notification database.