Apple iOS and iPadOS 26.4 Beta adds RCS end-to-end encryption and new device protections
Security Tool/Service
Summary
Hide ▲
Show ▼
Apple’s iOS and iPadOS 26.4 Beta now tests end-to-end encryption (E2EE) for RCS messages, strengthening message confidentiality for Apple users. The same beta also expands Memory Integrity Enforcement (MIE) and is expected to bring Stolen Device Protection defaults, raising the bar against spyware, memory-corruption attacks, and device theft abuse. These changes matter because they move multiple security controls from optional or limited modes into broader platform coverage.
Related Happenings
Apple and Google Messages beta rollout of cross-platform E2EE RCS
Security Tool/Service
First: 12.05.2026 16:00
Last: 12.05.2026 16:00
Sources 1
About this happening:
Apple and Google have begun a **beta rollout** of **end-to-end encrypted RCS** between **iPhone** and **Android** devices, materially reducing carrier and in-transit visibility fo...
Apple and Google Messages beta rollout of cross-platform E2EE RCS
Security Tool/ServiceAbout this happening: Apple and Google have begun a **beta rollout** of **end-to-end encrypted RCS** between **iPhone** and **Android** devices, materially reducing carrier and in-transit visibility fo...
IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/Service
First: 12.05.2026 08:18
Last: 12.05.2026 08:18
Sources 1
About this happening:
Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/ServiceAbout this happening: Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
Apple out-of-band iOS/iPadOS security updates (CVE-2026-28950)
Security Patch Release
First: 22.04.2026 23:58
Last: 22.04.2026 23:58
Sources 1
About this happening:
**Apple** released **out-of-band security updates** for **iPhone and iPad** on **April 22, 2026** to fix **CVE-2026-28950**. The patch addresses a **Notification Services** flaw t...
Apple out-of-band iOS/iPadOS security updates (CVE-2026-28950)
Security Patch ReleaseAbout this happening: **Apple** released **out-of-band security updates** for **iPhone and iPad** on **April 22, 2026** to fix **CVE-2026-28950**. The patch addresses a **Notification Services** flaw t...
Latest development: 23.04.2026 11:50
Apple issued **iOS 26.4.2**, **iPadOS 26.4.2**, **iOS 18.7.8**, and **iPadOS 18.7.8** on **2026-04-23** to close **CVE-2026-28950**, which could preserve deleted-message notifications on affected devices.
Apple Notification Services notification retention flaw (CVE-2026-28950)
Vulnerability
First: 22.04.2026 23:58
Last: 22.04.2026 23:58
Sources 1
About this happening:
**Apple** released **out-of-band updates** for **iPhone and iPad** to fix **CVE-2026-28950**, a **Notification Services** flaw that could let deleted notifications remain stored o...
Apple Notification Services notification retention flaw (CVE-2026-28950)
VulnerabilityAbout this happening: **Apple** released **out-of-band updates** for **iPhone and iPad** to fix **CVE-2026-28950**, a **Notification Services** flaw that could let deleted notifications remain stored o...
Latest development: 23.04.2026 11:50
Apple released iOS 26.4.2, iPadOS 26.4.2, iOS 18.7.8, and iPadOS 18.7.8 to address CVE-2026-28950, a logging flaw that could retain notifications marked for deletion on the device. The update improves data redaction so inadvertently preserved notifications are removed, and reporting also links the flaw to recovered Signal chats in the Prairieland case involving law enforcement and the FBI.
MacOS living-off-the-land analysis exposing native-feature abuse
Technical Analysis
First: 22.04.2026 19:30
Last: 22.04.2026 19:30
Sources 1
About this happening:
Native macOS features are now being repurposed for **code execution**, **lateral movement**, and **evasion**, widening detection gaps across enterprise Apple fleets. The analysis...
MacOS living-off-the-land analysis exposing native-feature abuse
Technical AnalysisAbout this happening: Native macOS features are now being repurposed for **code execution**, **lateral movement**, and **evasion**, widening detection gaps across enterprise Apple fleets. The analysis...
Timeline
-
17.02.2026 08:44 2 articles · 3mo ago
Apple releases iOS and iPadOS 26.4 Beta
Mitigation Patch UpdateApple releases iOS and iPadOS 26.4 Beta with support for end-to-end encryption (E2EE) in Rich Communications Services (RCS) messages, limited to conversations between Apple devices and dependent on RCS Universal Profile 3.0 built atop the Messaging Layer Security (MLS) protocol. The same beta lets applications opt in to the full safeguards of Memory Integrity Enforcement (MIE) after earlier builds limited them to Soft Mode.
Show sources
- Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta — thehackernews.com — 17.02.2026 08:44
- Apple Expands RCS Encryption and Memory Protections in iOS 26.4 — www.infosecurity-magazine.com — 17.02.2026 17:00
-
17.02.2026 08:44 1 articles · 3mo ago
iOS 26.4 is expected to default Stolen Device Protection
Mitigation Patch UpdateiOS 26.4 is expected to enable Stolen Device Protection by default for iPhone users, adding Face ID or Touch ID checks for sensitive actions such as accessing stored passwords and credit cards when the device is away from familiar locations. The protection also adds a one-hour delay before Apple Account password changes so a stolen device can be marked as lost before account access changes take effect.
Show sources
- Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta — thehackernews.com — 17.02.2026 08:44