A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini’s voice assistant on Android and made it open a victim’s connected windows, fake a message from their boss, push the phone into a Zoom call, or quietly poison its long-term memory. No malicious app on the phone is…
Tag: notification
AI, Compliance, Exploits, Global Security News, Network Security, privacy, Risk Management
CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data
Apple has released security updates to address a Notification Services issue in iOS and iPadOS that could cause alerts marked for deletion to remain stored on a device. The fix was delivered in iOS 26.4.2 / iPadOS 26.4.2 and iOS 18.7.8 / iPadOS 18.7.8, where Apple says the problem was resolved through improved data redaction.…
AI, Global Security News
Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 (CVSS score: N/A), has been described as a logging issue that has been addressed with improved data redaction. “Notifications marked for deletion could be…
AI, Global Security News
Apple fixes iOS bug that retained deleted notification data
Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device. […]
Data Breaches, Global Security News, Risk Management
That data breach alert might be a trap
Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.
Global Security News
FBI Recovers Deleted Signal Messages Through iPhone Notifications
Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals.
AI, Global Security News
Phishers sneak through using GitHub and Jira’s own mail delivery infrastructure
Attackers are abusing the notification systems of SaaS platforms like GitHub and Jira to send phishing and spam emails, Cisco Talos researchers are warning. “Because the emails are dispatched from the platform’s own infrastructure, they satisfy all standard authentication requirements (SPF, DKIM, and DMARC), effectively neutralizing the primary gatekeepers of modern email security,” they note.…
AI, Exploits, Global Security News
Scammers exploit trust in Atlassian Jira to target organizations
Threat actors have leveraged legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. The emails From late December 2025 through late January 2026, victims were targeted with spam emails from legitimate-looking Atlassian Jira Cloud addresses. Organizations already using Jira were specifically targeted: the attackers selected domains known to have active…