On Friday, WhatsApp shared news that it had fixed a serious security flaw. This flaw was being used by hackers to target specific Apple users and infect their devices with spyware.
WhatsApp, which is part of Meta, confirmed the bug was a hidden issue that could have allowed hackers to launch focused attacks. They labeled this vulnerability as CVE-2025-55177.
Recently, TechCrunch reported that while WhatsApp patched this bug, Apple also addressed another weakness, known as CVE-2025-43300. Both issues played a role in enabling attacks aimed at stealing data from specific Apple users, according to reports.
Apple explained that one of its vulnerabilities could lead to memory corruption if a harmful image file was processed. They acknowledged that this flaw may have been exploited in a sophisticated attack on certain individuals.
WhatsApp informed TechCrunch that it had reached out to “less than 200 users” who might have been affected. Donncha Ó Cearbhaill, from Amnesty International’s Security Lab, mentioned on X (formerly Twitter) that their team is looking into these cases. “We’re here to support those in civil society who have received WhatsApp’s warnings,” Cearbhaill noted.
Zero-click attacks are a rising concern in the tech world. Unlike typical phishing attempts that require users to click on a link or open a file, zero-click attacks can exploit vulnerabilities without any user action. A simple message with a harmful file can hijack the phone automatically. This type of malware has increasingly targeted journalists, activists, and government officials, often traced back to companies based in Israel.
A study published by MIT Technology Review revealed that over 65% of zero-click attacks in recent years have been aimed at individuals involved in social movements or human rights advocacy. This alarming trend highlights the need for strengthened security practices, especially for those in vulnerable positions.
As technology evolves, so do threats. It’s essential to remain vigilant about the apps we use and the potential risks they harbor. Keeping software up to date is a crucial step in safeguarding our devices against these sophisticated attacks.
Source link
Apple,Cybersecurity,WhatsApp
