Apple has fixed a vulnerability in iOS and iPadOS that allowed law enforcement to recover deleted chat messages from Signal and other messaging apps using forensic tools.
The bug affected how iPhones and iPads handled deleted data from messaging applications. Forensic tools used by police could access messages that users believed they had permanently removed from Signal.
Apple addressed the vulnerability in recent security updates. The issue stemmed from how the operating system managed deleted data in application storage, leaving recoverable traces that law enforcement could extract with specialized forensic equipment.
Signal, the encrypted messaging app, had already deleted the messages from its own database. However, the underlying iOS vulnerability meant deleted data remained accessible at the system level, allowing forensic tools to reconstruct the content.
Law enforcement agencies have relied on similar forensic extraction methods for years to access data on seized devices. This particular vulnerability represented a gap between user expectations of deletion and actual data removal on Apple devices.
The fix ensures that deleted messages are more thoroughly scrubbed from device storage, making recovery significantly more difficult. Apple did not disclose the specific technical details of the vulnerability or name which iOS versions were affected, though the patch was rolled out through standard security updates.
This incident highlights the ongoing tension between device security, user privacy, and law enforcement access. While the fix benefits users concerned about data recovery from their devices, it also limits forensic capabilities that police rely on during criminal investigations.
Apple regularly patches security vulnerabilities discovered through both internal testing and external security researchers. The company has increasingly emphasized privacy features in its devices, though this often conflicts with law enforcement requests for access to user data.
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.