WhatsApp patches vulnerability exploited in zero-day attacks

WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks.

The company says this zero-click flaw (tracked as CVE-2025-55177) affects WhatsApp for iOS prior to version 2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78.

“Incomplete authorization of linked device synchronization messages in WhatsApp [..] could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device,” WhatsApp said in a Friday security advisory.

“We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users.”

When Apple released emergency updates to patch the CVE-2025-43300 zero-day flaw earlier this month, it also stated that the flaw had been exploited in an “extremely sophisticated attack.”

While the two companies are yet to publish further information regarding the attacks, Donncha Ó Cearbhaill (the head of the Security Lab at Amnesty International) said that WhatsApp just warned some users that they’ve been targeted in an advanced spyware campaign over the last 90 days.

“We’ve made changes to prevent this specific attack from occurring through WhatsApp. However, your device’s operating system could remain compromised by the malware or be targeted in other ways,” the alerts read.

In the threat notifications sent to potentially impacted individuals, WhatsApp advises them to perform a device factory reset and to keep their devices’ operating system and software up to date.

In March, WhatsApp patched another zero-day flaw—following reports from security researchers at the University of Toronto’s Citizen Lab—that was exploited to install Paragon’s Graphite spyware.

“WhatsApp has disrupted a spyware campaign by Paragon that targeted a number of users including journalists and members of civil society. We’ve reached out directly to people who we believe were affected,” a WhatsApp spokesperson told BleepingComputer at the time.
