iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android Ravie Lakshmanan May 12, 2026 Encryption / Mobile Security Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a "cross-industry effort" to replace traditional SMS with a more secure alternative. To that end, E2EE RCS messaging is rolling out to iPhone users running iOS 26.5 with supported carriers and Android users on the latest version of Google Messages.
The feature is enabled by default for both new and existing conversations in both platforms. RCS is a modern, internet-based messaging protocol that allows Android and iPhone users to send high-resolution photos and videos, see typing indicators, and receive read receipts, features all typically present in instant messaging apps. It is built on an industry specification called the RCS Universal Profile . "When RCS messages are end-to-end encrypted, they can't be read while they're sent between devices," Apple said in a statement. "Users will know that a conversation is end-to-end encrypted when they see a new lock icon in their RCS chats." Apple began testing with E2EE in RCS messages in iOS and iPadOS 26.4 Beta, initially limiting it to only conversations between Apple devices.
In early 2025, the GSM Association (GSMA) announced support for E2EE for safeguarding messages sent via the RCS protocol. In a similar statement, Google Google Messages for Android users will see a padlock icon to indicate that the cross-platform conversation is end-to-end encrypted. "This welcome progress is the result of close, cross‑industry collaboration between the GSMA RCS Working Group, including Apple, Google, and the wider mobile ecosystem," Alex Sinclair, chief technology officer at GSMA, said . "Crucially, the new secure services are being delivered on an open, globally recognised foundation." The latest updates also come with fixes for over 50 vulnerabilities in iOS and iPadOS, including various flaws in AppleJPEG, ImageIO, Kernel, mDNSResponder, and WebKit that could be exploited to leak sensitive information, a denial-of-service (DoS), or result in unexpected system termination.
Found this article interesting? Follow us on Google News , Twitter LinkedIn to read more exclusive content we post. Tweet Share Share Share Android , Apple , cybersecurity , end-to-end encryption , Google , GSMA , iOS , mobile security , RCS Messaging ⚡ Top Stories This Week 30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign Trellix Confirms Source Code Breach With Unauthorized Repository Access ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE and More Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise 2026: The Year of AI-Assisted Attacks Day Zero Readiness: The Operational Gaps That Break Incident Response We Scanned 1 Million Exposed AI Services.
Here's How Bad the Security Actually Is ⭐ Featured Resources [Webinar] Learn How Autonomous Validation Keeps Pace With AI Attacks [Guide] Get Practical AI SOC Insights to Improve Threat Detection [Demo] Discover How to Control Autonomous Identity Risks Effectively [Demo] Stop Email Attacks and Protect Cloud Workspace Data Faster Cybersecurity Webinars Building Stronger Defenses Stop Patient Zero Attacks Before They Bypass Detection Learn how to stop patient zero attacks before they bypass detection and compromise your systems at entry points.
Register Reduce AppSec Risk Validate Real Attack Paths Before Attackers Exploit Them Learn how to validate real attack paths and reduce exploitable risk with continuous agentic security validation. ⚡ Latest News Cybersecurity Resources Build Security Strategy That Earns Executive Buy-In — SANS LDR514, NYC SANS LDR514 in NYC, Aug 10–15: policy, risk frameworks, board communication, and strategic leadership.
Your VPN is Helping Attackers Move as Fast as AI AI collapsed human response window and turned remote access into fastest path to breach. Earn a Master's in Cybersecurity Risk Management Lead the future of cybersecurity risk management with an online Master’s from Georgetown. Expert Insights Articles Videos From Phishing to Recovery: Breaking the Ransomware Attack Chain May 04, 2026 Read ➝ Mythos is Coming: What the Next Six Months Require Your Biggest Security Risk Isn’t Malware — It's What You Already Trust CTM360 Exposes Global GovTrap Campaign With 11,000+ Fake Government Portals Targeting Citizens Worldwide April 27, 2026 Get the Latest News in Your Inbox Get the latest news, expert insights, exclusive resources, and strategies from industry leaders, all for free.